3 matches found
CVE-2024-35203
Mahara before 22.10.6, 23.04.6, and 24.04.1 allows cross-site scripting XSS via a file, with JavaScript code as part of its name, that is uploaded via the Mahara filebrowser system...
CVE-2024-35203
Mahara before 22.10.6, 23.04.6, and 24.04.1 allows cross-site scripting XSS via a file, with JavaScript code as part of its name, that is uploaded via the Mahara filebrowser system...
CVE-2024-35203
CVE-2024-35203 affects Mahara before 22.10.6, 23.04.6, and 24.04.1, where a file uploaded via the Mahara filebrowser can carry a name containing JavaScript and trigger cross-site scripting (XSS). Root cause: improper sanitization of uploaded filenames. Impact: XSS possibility via file name in the...