Vulnerabilities > Mahara > Mahara > 1.10.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-03 | CVE-2017-1000144 | Cross-site Scripting vulnerability in Mahara Mahara 1.9 before 1.9.6 and 1.10 before 1.10.4 and 15.04 before 15.04.1 are vulnerable to a site admin or institution admin being able to place HTML and Javascript into an institution display name, which will be displayed to other users unescaped on some Mahara system pages. | 3.5 |