CVE-2011-2771
Priority
Medium
Description
Multiple cross-site scripting (XSS) vulnerabilities in Mahara before 1.4.1
allow remote attackers to inject arbitrary web script or HTML via vectors
related to (1) URI attributes and (2) the External Feed component, as
demonstrated by the guid element in an RSS feed.
allow remote attackers to inject arbitrary web script or HTML via vectors
related to (1) URI attributes and (2) the External Feed component, as
demonstrated by the guid element in an RSS feed.
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (1.2.4-1ubuntu0.4) |
| Ubuntu 11.04 (Natty Narwhal): | released (1.2.7-1ubuntu0.2) |
| Ubuntu 11.10 (Oneiric Ocelot): | released (1.4.0-1ubuntu0.1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | released (1.4.1-1) |
Patches:
| Vendor: | http://www.debian.org/security/2011/dsa-2334 |