Mahara Cross Site Scripting and Cross Site Request Forgery Vulnerabilities

Bugtraq ID: 47033
Class: Input Validation Error
CVE: CVE-2011-0439
CVE-2011-0440
Remote: Yes
Local: No
Published: Mar 25 2011 12:00AM
Updated: Mar 30 2011 03:06PM
Credit: Reported by the vendor, nSense
Vulnerable: Mahara Mahara 1.3.3
Mahara Mahara 1.2.5
Mahara Mahara 1.2.4
Mahara Mahara 1.2.3
Mahara Mahara 1.3.2
Mahara Mahara 1.3.1
Mahara Mahara 1.3.0
Mahara Mahara 1.2.6
Mahara Mahara 1.2.5
Mahara Mahara 1.2.2
Mahara Mahara 1.2.1
Mahara Mahara 1.2.0
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Not Vulnerable: Mahara Mahara 1.3.4
Mahara Mahara 1.2.7


 

Privacy Statement
Copyright 2010, SecurityFocus