CVE-2024-39923

Published: Aug 25, 2025

Modified: Aug 25, 2025

PUBLISHED

Description

An issue was discovered in Mahara 24.04 before 24.04.2 and 23.04 before 23.04.7. The About, Contact, and Help footer links can be set up to be vulnerable to Cross Site Scripting (XSS) due to not sanitising the values. These links can only be set up by an admin but are clickable by any logged-in person.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://mahara.org/interaction/forum/view.php?id=43

https://mahara.org/interaction/forum/topic.php?id=9546

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-39923

Description

Affected Products

References