4 matches found
CVE-2017-1000138
Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when dragging/dropping files into a collection if the file has Javascript code in its title...
CVE-2017-1000138
Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when dragging/dropping files into a collection if the file has Javascript code in its title...
CVE-2017-1000138
Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when dragging/dropping files into a collection if the file has Javascript code in its title...
CVE-2017-1000138
The provided documents confirm CVE-2017-1000138 affects Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0. The issue is a cross-site scripting vulnerability triggered when a user drags/drops a file into a collection whose title contains JavaScript code, allowing injected script if the title is c...