CNNVD-202508-3103 Information

CNNVD ID

CNNVD-202508-3103

Related CVE

CVE-2024-45753

• CNNVD Published: 2025-08-26

Description (Chinese)

Mahara是Mahara的一个基于Web的免费开源电子档案袋管理系统。 Mahara 23.04.8版本和24.04.4版本存在安全漏洞，该漏洞源于外部RSS源链接属性包含恶意值，可能导致跨站脚本攻击。

Description (English)

Mahara is a free, open-source electronic archive bag management system based on Web in Mahara. There is a security loophole in versions 23,04.8 and 24.04.4, which stems from the presence of malicious values in the external RSS source link attributes, which may lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Mahara

Published

2025-08-26

Last Modified

2026-02-24

References

https://mahara.org/interaction/forum/topic.php?id=9594 https://nvd.nist.gov/vuln/detail/CVE-2024-45753

Patch

https://mahara.org/