oss-sec mailing list archives

Re: CVE id request: mahara

From: "Steven M. Christey" <coley () linus mitre org>
Date: Mon, 9 Feb 2009 14:42:19 -0500 (EST)


======================================================
Name: CVE-2009-0487
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0487
Reference: CONFIRM:http://mahara.org/interaction/forum/topic.php?id=198

Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 allows
remote attackers to inject arbitrary web script or HTML via a crafted
forum post.

Current thread:

CVE id request: mahara Steffen Joeris (Feb 04)
- Re: CVE id request: mahara Steven M. Christey (Feb 09)