CVE-2012-2253
24.11.2012, 20:55
Cross-site scripting (XSS) vulnerability in group/members.php in Mahara 1.5.x before 1.5.7 and 1.6.x before 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
| Vendor | Product | Version |
|---|---|---|
| mahara | mahara | 1.5:rc1 |
| mahara | mahara | 1.5:rc2 |
| mahara | mahara | 1.5.0 |
| mahara | mahara | 1.5.1 |
| mahara | mahara | 1.5.2 |
| mahara | mahara | 1.5.3 |
| mahara | mahara | 1.5.4 |
| mahara | mahara | 1.5.6 |
| mahara | mahara | 1.6.0 |
| mahara | mahara | 1.6.1 |
𝑥
= Vulnerable software versions
Ubuntu Releases
References