7 matches found
EUVD-2019-19075
Malware in sbrugna...
CVE-2019-9709
An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. The collection title is vulnerable to Cross Site Scripting XSS due to not escaping it when viewing the collection's SmartEvidence overview page if that feature is turned on. This can be exploit...
CVE-2019-9709
An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. The collection title is vulnerable to Cross Site Scripting XSS due to not escaping it when viewing the collection's SmartEvidence overview page if that feature is turned on. This can be exploit...
Cross site scripting
An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. The collection title is vulnerable to Cross Site Scripting XSS due to not escaping it when viewing the collection's SmartEvidence overview page if that feature is turned on. This can be exploit...
CVE-2019-9709
An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. The collection title is vulnerable to Cross Site Scripting XSS due to not escaping it when viewing the collection's SmartEvidence overview page if that feature is turned on. This can be exploit...
CVE-2019-9709
An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. The collection title is vulnerable to Cross Site Scripting XSS due to not escaping it when viewing the collection's SmartEvidence overview page if that feature is turned on. This can be exploit...
CVE-2019-9709
Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1 are affected by an XSS in the collection title when viewing the collection’s SmartEvidence overview page (if enabled). Root cause: the title isn’t escaped. Impact: any logged-in user can exploit. Remediation: upgrade to f...