Cross-Site Scripting Vulnerabilities in Mahara CMS by Catalyst IT Ltd
CVE-2020-23052
5.4MEDIUM
What is CVE-2020-23052?
Mahara CMS version 19.10.2 by Catalyst IT Ltd contains multiple vulnerabilities that allow for cross-site scripting (XSS) through the 'groupfiles.php' component. Specifically, the parameters 'Number' (Nombre) and 'Description' (DescripciĂłn) can be exploited by attackers to inject malicious scripts. This could lead to various security issues including unauthorized access to sensitive user data and manipulation of web content.