Lucene search
K

5 matches found

Prion
Prion
added 2017/11/03 6:29 p.m.10 views

Code injection

Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before 15.04.2 are vulnerable to anonymous comments being able to be placed on artefact detail pages even when the site administrator had disallowed anonymous comments...

4CVSS5AI score0.00695EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2017/11/03 6:29 p.m.17 views

CVE-2017-1000135

Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable as logged-in users can stay logged in after the institution they belong to is suspended...

6.5CVSS6.5AI score0.00619EPSS
Exploits1References1
OSV
OSV
added 2017/11/03 6:29 p.m.18 views

CVE-2017-1000146

Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before 15.04.2 are vulnerable to the arbitrary execution of Javascript in the browser of a logged-in user because the title of the portfolio page was not being properly escaped in the AJAX script that updates the Add/remove watchlist link o...

5.4CVSS7AI score
Exploits0References1
Cvelist
Cvelist
added 2017/11/03 6:0 p.m.20 views

CVE-2017-1000149

Mahara 1.10 before 1.10.9 and 15.04 before 15.04.6 and 15.10 before 15.10.2 are vulnerable to XSS due to window.opener target="blank" and window.open...

5.3AI score0.00495EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/11/03 6:0 p.m.17 views

CVE-2017-1000137

Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when adding a text block to a page via the keyboard rather than drag and drop...

5.4AI score0.00497EPSS
Exploits1References1
Rows per page
Query Builder