Description

An issue was discovered in Mahara 24.04 before 24.04.2 and 23.04 before 23.04.7. The About, Contact, and Help footer links can be set up to be vulnerable to Cross Site Scripting (XSS) due to not sanitising the values. These links can only be set up by an admin but are clickable by any logged-in person.

INFO

Published Date :

2025-08-25T00:00:00.000Z

Last Modified :

2025-08-25T20:38:16.248Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2024-39923 vulnerability.

Vendors Products
Mahara
  • Mahara
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-39923.

URL Resource
https://mahara.org/interaction/forum/topic.php?id=9546 cve-icon cve-icon
https://mahara.org/interaction/forum/view.php?id=43 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact