** Changed in: mahara
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1063480
Title:
Reflected XSS in user/group bulk CSV upload
Status in Mahara ePortfolio:
Fix Released
Status in Mahara 1.4 series:
Fix Released
Status in Mahara 1.5 series:
Fix Released
Bug description:
Affects the bulk user upload, as well as the group and group member
CSV uploads.
If the CSV header has unknown fields, these are displayed as an error with no
sanatization. This is done through pieforms error
displaying. This means it may affect other areas where pieform errors are
returned based on user data.
It affects versions atleast back to 1.2 with the bulk user upload.
To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1063480/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~mahara-contributors
Post to : [email protected]
Unsubscribe : https://launchpad.net/~mahara-contributors
More help : https://help.launchpad.net/ListHelp
