Cross-Site Scripting (XSS) Vulnerability in Mahara 1.10 and 15.04
CVE-2017-1000138 · LOW Severity
AV:N/AC:M/AU:S/C:N/I:P/A:N
Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when dragging/dropping files into a collection if the file has Javascript code in its title.
Learn more about our Web Application Penetration Testing UK.