Summary
This host is running Mahara and is prone to Cross-Site Scripting Vulnerability.
Impact
Successful exploitation will allow attacker to cause Cross-Site Scripting attack.
Impact Level: Application
Solution
Upgrade to Mahara version 1.1.5 or 1.0.12 or later https://eduforge.org/projects/mahara
Insight
- An unknown attack vectors, it can exploited by inject arbitrary web script or HTML code into the affected application.
Affected
Mahara version 1.0 before 1.0.12 and 1.1 before 1.1.5
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-2170 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Continuum Cross Site Scripting Vulnerability
- AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
- AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities
- AlienForm CGI script
- Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability