CVE-2011-1405

Mahara <1.3.6 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Mahara before 1.3.6 allows remote authenticated users to inject arbitrary web script or HTML via vectors associated with HTML e-mail messages, related to artefact/comment/lib.php and interaction/forum/lib.php.

References (6)

Scores

EPSS 0.0029
EPSS Percentile 51.8%

Classification

CWE
CWE-79
Status published

Affected Products (50)

mahara/mahara < 1.3.5
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
mahara/mahara
... and 35 more

Timeline

Published May 13, 2011
Tracked Since Feb 18, 2026