CVE-2021-32737

Sulu is an open-source PHP content management system based on the Symfony framework. In versions of Sulu prior to 1.6.41, it is possible for a logged in admin user to add a script injection cross-site-scripting in the collection title. The problem is patched in version 1.6.41. As a workaround, on...

SULU Sulu 跨站脚本漏洞

SULU Sulu is an extensible, PHP-based open source content management system on Symfony framework from Sulu SULU Austria. A cross-site scripting vulnerability exists in Sulu, which stems from a collection title that does not securely validate user input, and allows an attacker to enter a malicious...

Cross site scripting

An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. The collection title is vulnerable to Cross Site Scripting XSS due to not escaping it when viewing the collection's SmartEvidence overview page if that feature is turned on. This can be exploit...

CVE-2019-9709

An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. The collection title is vulnerable to Cross Site Scripting XSS due to not escaping it when viewing the collection's SmartEvidence overview page if that feature is turned on. This can be exploit...