2 matches found
Debian DSA-2591-1 : mahara - several vulnerabilities
Multiple security issues have been found in Mahara, an electronic portfolio, weblog, and resume builder, which can result in cross-site scripting, clickjacking or arbitrary file execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
CVE-2012-2246
CVE-2012-2246 affects Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4. The issue allows remote attackers to perform clickjacking and bypass CSRF protections to delete arbitrary users via account/delete.php. The vulnerability is described in the standard CVE details and is tied to Mahara deployme...