CVE-2009-3299 Information

Feb 14, 2021 cve

Description

Cross-site scripting (XSS) vulnerability in the resume blocktype in Mahara before 1.0.13 and 1.1.x before 1.1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Reference

http://eduforge.org/frs/shownotes.php?release_id=546 http://eduforge.org/frs/shownotes.php?release_id=547 http://mahara.org/interaction/forum/topic.php?id=1170 http://secunia.com/advisories/37217 http://secunia.com/advisories/37218 http://www.debian.org/security/2009/dsa-1924 http://www.osvdb.org/59583 http://www.securityfocus.com/bid/36892 http://www.vupen.com/english/advisories/2009/3101

Share on: