Candidate: CVE-2011-1405
PublicDate: 2011-05-13 22:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1405
Description: 
 Cross-site scripting (XSS) vulnerability in Mahara before 1.3.6 allows
 remote authenticated users to inject arbitrary web script or HTML via
 vectors associated with HTML e-mail messages, related to
 artefact/comment/lib.php and interaction/forum/lib.php. 
Ubuntu-Description: 
Notes: 
Bugs: 
 https://bugs.launchpad.net/ubuntu/+source/mahara/+bug/780917
Priority: low
Discovered-by:
Assigned-to: 
CVSS: 

Patches_mahara:
upstream_mahara: released (1.3.6)
dapper_mahara: DNE
hardy_mahara: DNE
lucid_mahara: released (1.2.4-1ubuntu0.3)
maverick_mahara: released (1.2.5-2ubuntu0.2)
natty_mahara: released (1.2.7-1ubuntu0.1)
devel_mahara: not-affected (1.3.6-1)