CVE-2009-0664

Mahara <1.0.11, <1.1.3 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0.x before 1.0.11 and 1.1.x before 1.1.3 allow remote attackers to inject arbitrary web script or HTML via (1) the introduction field in a user profile or (2) an arbitrary text block in a user view.

References (7)

Scores

EPSS 0.0044
EPSS Percentile 63.0%

Classification

CWE
CWE-79
Status published

Affected Products (23)

mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
... and 8 more

Timeline

Published Apr 23, 2009
Tracked Since Feb 18, 2026