Avoid file or folder names containing JavaScript from being executed
Severity: High
Vulnerability type: Cross Site Scripting (XSS)
In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before
20.04.1, certain places could execute file or folder names containing
JavaScript.
To be posted in the security forum:
Avoid file or folder names containing JavaScript from being executed
Severity: High
Vulnerability type: Cross Site Scripting (XSS)
In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before
20.04.1, certain places could execute file or folder names containing
JavaScript.
Reported by: Adesh Nandkishor Kolte /bugs.launchpad .net/mahara/ +bug/1888163
Bug report: https:/
CVE reference: CVE-2020-15907
Link CVE number above to https:/ /cve.mitre. org/cgi- bin/cvename. cgi?name= 2020-15907