Cross-Site Scripting (XSS) Vulnerability in Mahara 1.10 and 15.04

Cross-Site Scripting (XSS) Vulnerability in Mahara 1.10 and 15.04

CVE-2017-1000138 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when dragging/dropping files into a collection if the file has Javascript code in its title.

Learn more about our Web Application Penetration Testing UK.