17.10.3

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-09	CVE-2018-6182	Cross-site Scripting vulnerability in Mahara Mahara 16.10 before 16.10.9 and 17.04 before 17.04.7 and 17.10 before 17.10.4 are vulnerable to bad input when TinyMCE is bypassed by POST packages. network mahara CWE-79	4.3
2018-01-30	CVE-2017-1000141	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Mahara An issue was discovered in Mahara before 18.10.0. network low complexity mahara CWE-640	6.4