Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript innerHTML as used when generating login forms, (2) links or (3) resources URLs, and (4) the Display name in a user profile.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: debian
Published:
Updated: 2024-08-06T19:26:08.961Z
Reserved: 2012-04-16T00:00:00
Link: CVE-2012-2237

No data.

Status : Modified
Published: 2019-12-17T18:15:12.637
Modified: 2024-11-21T01:38:44.913
Link: CVE-2012-2237

No data.

No data.