Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Mahara 15.04 before 15.04.15, 16.04 before 16.04.9, 16.10 before 16.10.6, and 17.04 before 17.04.4 are vulnerable to a user submitting a potential dangerous payload, e.g., XSS code, to be saved as their first name, last name, or display name in the profile fields that can cause issues such as escalation of privileges or unknown execution of malicious code when replying to messages in Mahara.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Catalyst Mahara 安全漏洞
Vulnerability Description
Catalyst Mahara是新西兰Catalyst IT公司的一套社交网络系统。该系统包含博客、履历表生成器、文件管理器等。 Catalyst Mahara中存在安全漏洞。攻击者可通过提交恶意的载荷利用该漏洞提升权限或执行恶意代码。以下版本受到影响:Mahara 15.04.15之前的15.04版本,16.04.9之前的16.04版本,16.10.6之前的16.10版本,17.04.4之前的17.04版本。
CVSS Information
N/A
Vulnerability Type
N/A