CNNVD-202508-2999 Information

CNNVD ID

CNNVD-202508-2999

Related CVE

CVE-2024-39923

• CNNVD Published: 2025-08-25

Description (Chinese)

Mahara是Mahara的一个基于Web的免费开源电子档案袋管理系统。 Mahara 24.04.2之前版本和23.04.7之前版本存在安全漏洞，该漏洞源于未清理About、Contact和Help页脚链接值，可能导致跨站脚本攻击。

Description (English)

Mahara is a free, open-source electronic archive bag management system based on Web in Mahara. 24.24.2 There is a security loophole in previous versions of Mahara 24.04.2 and 23.04.7, which stems from the uncleaning of About, Contact and Help footer links, which could lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Mahara

Published

2025-08-25

Last Modified

2026-02-24

References

https://mahara.org/interaction/forum/view.php?id=43 https://mahara.org/interaction/forum/topic.php?id=9546 https://nvd.nist.gov/vuln/detail/CVE-2024-39923

Patch

https://mahara.org/