← back
CVE-2011-2771

CVE-2011-2771

EPSS 1.9%
Multiple cross-site scripting (XSS) vulnerabilities in Mahara before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) URI attributes and (2) the External Feed component, as demonstrated by the guid element in an RSS feed.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugs.launchpad.net/mahara/+bug/798136http://secunia.com/advisories/46719http://security.debian.org/debian-security/pool/updates/main/m/mahara/mahara_1.2.6-2+squeeze3.debian.tar.gzhttps://launchpad.net/mahara/+milestone/1.4.1http://www.debian.org/security/2011/dsa-2334