mahara-contributors team mailing list archive

[Melissa Draper <melissa@xxxxxxxxxxxxx>]

** Changed in: mahara
       Status: New => Fix Released

** Changed in: mahara
   Importance: Undecided => High

** Changed in: mahara/1.6
       Status: New => Fix Released

** Changed in: mahara/1.6
   Importance: Undecided => High

** Changed in: mahara
     Assignee: (unassigned) => Aaron Wells (u-aaronw)

** Changed in: mahara/1.6
     Assignee: (unassigned) => Aaron Wells (u-aaronw)

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1091764

Title:
  Cross site Scripting(XSS) Vulnerability in Mahara 1.6

Status in Mahara ePortfolio:
  Fix Released
Status in Mahara 1.6 series:
  Fix Released
Status in Mahara 1.7 series:
  New

Bug description:
  Hi  Mahara Security Team,

  I have found a Persistent/Stored Cross site scripting (XSS)
  vulnerability in Mahara version 1.6.

  What is Cross site scripting(XSS): http://en.wikipedia.org/wiki/Cross-
  site_scripting

  The vulnerability exists in the following link:
  http://demo.mahara.org/artefact/internal/notes.php

  For example, in a note such as
  http://demo.mahara.org/artefact/internal/editnote.php?id=1XX , the
  "Note Title" is thrown with a xss vector such as "><img src=x
  onerror=prompt(1);> or <script>alert(/xss/);</script>.

  When the notes page(http://demo.mahara.org/artefact/internal/notes.php
  ) is loaded, the payload on the title triggers the xss since it is not
  sanitized.

  Fix it as soon as possible.
  Thanks.

  M.R.Vignesh Kumar(@vigneshkumarmr)

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1091764/+subscriptions