Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when adding a text block to a page via the keyboard (rather than drag and drop).
{
"source": "CPE_STRING",
"cpe": [
"cpe:2.3:a:mahara:mahara:1.10:rc1:*:*:*:*:*:*",
"cpe:2.3:a:mahara:mahara:15.04:rc1:*:*:*:*:*:*",
"cpe:2.3:a:mahara:mahara:15.04:rc2:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "1.10-rc1"
},
{
"last_affected": "1.10-rc1"
},
{
"introduced": "15.04-rc1"
},
{
"last_affected": "15.04-rc1"
},
{
"introduced": "15.04-rc2"
},
{
"last_affected": "15.04-rc2"
}
]
}