[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110210

 
 

909

 
 

86021

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-1822 mahara -- insufficient input sanitization

ID: oval:org.mitre.oval:def:7815Date: (C)2009-12-15   (M)2017-11-18
Class: PATCHFamily: unix




It was discovered that mahara, an electronic portfolio, weblog, and resume builder is prone to several cross-site scripting attacks, which allow an attacker to inject arbitrary HTML or script code and steal potential sensitive data from other users. The oldstable distribution (etch) does not contain mahara.

Platform:
Debian 4.0
Product:
mahara
Reference:
DSA-1822
CPE    1
cpe:/o:debian:debian_linux:5.0

© SecPod Technologies