Back to search
CVE-2012-2237
Published: Nov 13, 2019
Modified: Aug 6, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript innerHTML as used when generating login forms, (2) links or (3) resources URLs, and (4) the Display name in a user profile.
| Vendor | Product | Versions |
|---|---|---|
Mahara | Mahara | affected 1.4.x before 1.4.3 and 1.5.x before 1.5.2 |
References
https://bugs.launchpad.net/mahara/+bug/1009774
x_refsource_MISC
https://bugs.launchpad.net/mahara/+bug/1009777
x_refsource_MISC
https://bugs.launchpad.net/mahara/+bug/1009784
x_refsource_MISC
https://mahara.org/interaction/forum/topic.php?id=4748
x_refsource_MISC
http://www.debian.org/security/2012/dsa-2540
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now