Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before 15.04.2 are vulnerable to the arbitrary execution of Javascript in the browser of a logged-in user because the title of the portfolio page was not being properly escaped in the AJAX script that updates the Add/remove watchlist link on artefact detail pages.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Catalyst Mahara 跨站脚本漏洞
Vulnerability Description
Catalyst Mahara是新西兰Catalyst IT公司的一套社交网络系统。该系统包含博客、履历表生成器、文件管理器等。 Catalyst Mahara 1.9.7之前的1.9版本、1.10.5之前的1.10版本和15.04.2之前的15.04版本中的‘add to watchlist’链接存在跨站脚本漏洞。远程攻击者可利用该漏洞在当前用户的上下文中执行任意的Javascript代码。
CVSS Information
N/A
Vulnerability Type
N/A