2 matches found
CVE-2024-39923
An issue was discovered in Mahara 24.04 before 24.04.2 and 23.04 before 23.04.7. The About, Contact, and Help footer links can be set up to be vulnerable to Cross Site Scripting XSS due to not sanitising the values. These links can only be set up by an admin but are clickable by any logged-in...
CVE-2024-39923
CVE-2024-39923 affects Mahara, specifically versions Mahara 23.04 before 23.04.7 and 24.04 before 24.04.2. The issue stems from the About, Contact, and Help footer links not being sanitised, allowing cross-site scripting (XSS). The links are configurable by an administrator but are clickable by a...