CVE-2017-17454

Mahara 16.10 before 16.10.7 and 17.04 before 17.04.5 and 17.10 before 17.10.2 have a Cross Site Scripting XSS vulnerability when a user enters invalid UTF-8 characters. These are now going to be discarded in Mahara along with NULL characters and invalid Unicode characters. Mahara will also avoid...

CVE-2017-17454

Mahara is affected by a Cross Site Scripting (XSS) vulnerability in specific releases: 16.10 before 16.10.7, 17.04 before 17.04.5, and 17.10 before 17.10.2. The root cause involves improper handling of invalid UTF-8 characters; Mahara discards such characters (along with NULL and invalid Unicode)...