CVE-2020-23052

2021-10-2220:15:10

Google

osv.dev

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.0%

JSON

Catalyst IT Ltd Mahara CMS v19.10.2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component groupfiles.php via the Number (Nombre) and Description (Descripción) parameters.

CPENameOperatorVersion
maharaeq1.3.0BETA1_RELEASE
maharaeq1.3.0BETA3_RELEASE
maharaeq1.1.0ALPHA3_RELEASE
maharaeq1.8RC2_RELEASE
maharaeq1.4.0ALPHA1_RELEASE
maharaeq1.0.0ALPHA1_RELEASE
maharaeq1.2.0ALPHA1_RELEASE
maharaeq1.1.0ALPHA2_RELEASE
maharaeq1.3.0BETA2_RELEASE
maharaeq19.10.1_RELEASE

Name	Operator	Version
mahara	eq	1.3.0BETA1_RELEASE
mahara	eq	1.3.0BETA3_RELEASE
mahara	eq	1.1.0ALPHA3_RELEASE
mahara	eq	1.8RC2_RELEASE
mahara	eq	1.4.0ALPHA1_RELEASE
mahara	eq	1.0.0ALPHA1_RELEASE
mahara	eq	1.2.0ALPHA1_RELEASE
mahara	eq	1.1.0ALPHA2_RELEASE
mahara	eq	1.3.0BETA2_RELEASE
mahara	eq	19.10.1_RELEASE