Vulnerability Details CVE-2024-39923
An issue was discovered in Mahara 24.04 before 24.04.2 and 23.04 before 23.04.7. The About, Contact, and Help footer links can be set up to be vulnerable to Cross Site Scripting (XSS) due to not sanitising the values. These links can only be set up by an admin but are clickable by any logged-in person.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.3%
CVSS Severity
CVSS v3 Score 6.1
References