Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 allows remote attackers to inject arbitrary web script or HTML via a crafted forum post.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/48518http://www.securityfocus.com/bid/33619http://secunia.com/advisories/33813http://mahara.org/interaction/forum/topic.php?id=198
