Описание
Cross-site scripting (XSS) vulnerability in Mahara before 1.3.6 allows remote authenticated users to inject arbitrary web script or HTML via vectors associated with HTML e-mail messages, related to artefact/comment/lib.php and interaction/forum/lib.php.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 1.3.6-1 |
| hardy | DNE | |
| lucid | released | 1.2.4-1ubuntu0.3 |
| maverick | released | 1.2.5-2ubuntu0.2 |
| natty | released | 1.2.7-1ubuntu0.1 |
| upstream | released | 1.3.6 |
Показывать по
Ссылки на источники
EPSS
3.5 Low
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in Mahara before 1.3.6 allows remote authenticated users to inject arbitrary web script or HTML via vectors associated with HTML e-mail messages, related to artefact/comment/lib.php and interaction/forum/lib.php.
Cross-site scripting (XSS) vulnerability in Mahara before 1.3.6 allows ...
Cross-site scripting (XSS) vulnerability in Mahara before 1.3.6 allows remote authenticated users to inject arbitrary web script or HTML via vectors associated with HTML e-mail messages, related to artefact/comment/lib.php and interaction/forum/lib.php.
EPSS
3.5 Low
CVSS2