[Forgot Password]
Login  Register Subscribe

23631

 
 

126291

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-1822 mahara -- insufficient input sanitization

ID: oval:org.mitre.oval:def:7815Date: (C)2009-12-15   (M)2017-11-18
Class: PATCHFamily: unix




It was discovered that mahara, an electronic portfolio, weblog, and resume builder is prone to several cross-site scripting attacks, which allow an attacker to inject arbitrary HTML or script code and steal potential sensitive data from other users. The oldstable distribution (etch) does not contain mahara.

Platform:
Debian 4.0
Product:
mahara
Reference:
DSA-1822
CPE    1
cpe:/o:debian:debian_linux:5.0

© 2013 SecPod Technologies