{"id":"CVE-2017-9551","details":"Mahara 15.04 before 15.04.14 and 16.04 before 16.04.8 and 16.10 before 16.10.5 and 17.04 before 17.04.3 are vulnerable to a user submitting potential dangerous payload, e.g. XSS code, to be saved as their name in the usr_registration table. The values are then emailed to the the user and administrator and if accepted become part of the new user's account.","modified":"2026-04-10T04:02:41.828763Z","published":"2017-09-25T16:29:00.507Z","references":[{"type":"ADVISORY","url":"https://mahara.org/interaction/forum/topic.php?id=8040"},{"type":"REPORT","url":"https://bugs.launchpad.net/mahara/+bug/1697308"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/maharaproject/mahara","events":[{"introduced":"0"},{"last_affected":"48a238a2f76a7ea322580fe93b7c026becd9acce"},{"introduced":"0"},{"last_affected":"39ac3f76ea3981e204aca4f25a6d60bd988094f0"},{"introduced":"0"},{"last_affected":"9b217d5c0da7118a8c9d668794a3869d85276534"},{"introduced":"0"},{"last_affected":"71a160b12bcde1bd3569377c8e010436228aaf5f"},{"introduced":"0"},{"last_affected":"3b3d3e3cd03d1663da0b0e3826fcdff13f488886"},{"introduced":"0"},{"last_affected":"44ebd0f0993352955f7971920fa8ca231e6a8bb9"},{"introduced":"0"},{"last_affected":"d527a5edeb6087fd94956e1e3e18bcf4a432540d"},{"introduced":"0"},{"last_affected":"53ee40015a2363a6c5c3d3cccc3fb35e27a7abb0"},{"introduced":"0"},{"last_affected":"eea43577f7952fcfef7cbaf61b87cce1bdcdb8dd"},{"introduced":"0"},{"last_affected":"8f8c729b91c4db1b11a43ed9248385702608e6db"},{"introduced":"0"},{"last_affected":"734d408f59db38b464f616fbfb377fcddf522d4a"},{"introduced":"0"},{"last_affected":"80673cb4210bef8ec2592cd1bd6e59192373d66b"},{"introduced":"0"},{"last_affected":"76a6b2398e4d49c94d14103208a4c406f1e1a1a0"},{"introduced":"0"},{"last_affected":"7dddee6b891847be8d953de8ea98f9fd802042df"},{"introduced":"0"},{"last_affected":"0526e945057759b75205da13b71eac9703a8ab18"},{"introduced":"0"},{"last_affected":"8e6393cff844671df756f594f4857df454364a4b"},{"introduced":"0"},{"last_affected":"c4f30a389c34a2177a7f2aa60a69b2494c5f08fa"},{"introduced":"0"},{"last_affected":"131e345b6847f10cb4a59ca4c748224d8bbe3cab"},{"introduced":"0"},{"last_affected":"6151bb5fea5811277d051a81865b946d76a92fba"},{"introduced":"0"},{"last_affected":"bc9308e5d855dc04dc81990c2901b6e0b6e98102"},{"introduced":"0"},{"last_affected":"c3601dde87abf89382c8b3ac74d500b5e636560a"},{"introduced":"0"},{"last_affected":"850a663a5e911e819a8216a9405d84ea3cf3cdab"},{"introduced":"0"},{"last_affected":"c31365682523aa25abff879b5820f21515909fcf"},{"introduced":"0"},{"last_affected":"469428cf55bae3fc3dafdc8848a85ddb557815a6"},{"introduced":"0"},{"last_affected":"ae97c08cc818688980444c713d5573b5cd6a610a"},{"introduced":"0"},{"last_affected":"3b8f64ffc6b13d72ac52c05192d357d1cebd1737"},{"introduced":"0"},{"last_affected":"7bd5d2814970330a905d5e604e7cfa185d79f30d"},{"introduced":"0"},{"last_affected":"47f037064b8185131aae429305098113ad679421"},{"introduced":"0"},{"last_affected":"2d4a3b547ca5aa058a975f870f21ddf64fc840db"},{"introduced":"0"},{"last_affected":"a5fec14685428f641abd61cb6a1d8554e1790a16"},{"introduced":"0"},{"last_affected":"bc9bfdeea2193f5911209481176c4672c38339e8"},{"introduced":"0"},{"last_affected":"afb32f27e0ab32b46952ee043c169b34eec5a1d0"},{"introduced":"0"},{"last_affected":"8b133e5b26e79f9b6bac51b6309a95262b1f3840"},{"introduced":"0"},{"last_affected":"eef4f191c63bfba0883f37410de72d54cfb4f13d"},{"introduced":"0"},{"last_affected":"5b13e9ab0a021f86889a39cf45b413384009a4ab"},{"introduced":"0"},{"last_affected":"c1b8e4e448228b12a674c205a7288389613271e7"},{"introduced":"0"},{"last_affected":"04c27e5d4b28b520e4d9e874610b15b7dc54c74e"},{"introduced":"0"},{"last_affected":"2e5d0ff8ba15844e22c1a4faaa3bd71263dff0bf"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"15.04-rc1"},{"introduced":"0"},{"last_affected":"15.04-rc2"},{"introduced":"0"},{"last_affected":"15.04.0"},{"introduced":"0"},{"last_affected":"15.04.1"},{"introduced":"0"},{"last_affected":"15.04.2"},{"introduced":"0"},{"last_affected":"15.04.3"},{"introduced":"0"},{"last_affected":"15.04.4"},{"introduced":"0"},{"last_affected":"15.04.5"},{"introduced":"0"},{"last_affected":"15.04.6"},{"introduced":"0"},{"last_affected":"15.04.7"},{"introduced":"0"},{"last_affected":"15.04.8"},{"introduced":"0"},{"last_affected":"15.04.9"},{"introduced":"0"},{"last_affected":"15.04.10"},{"introduced":"0"},{"last_affected":"15.04.11"},{"introduced":"0"},{"last_affected":"15.04.12"},{"introduced":"0"},{"last_affected":"15.04.13"},{"introduced":"0"},{"last_affected":"16.04-rc1"},{"introduced":"0"},{"last_affected":"16.04-rc2"},{"introduced":"0"},{"last_affected":"16.04.0"},{"introduced":"0"},{"last_affected":"16.04.1"},{"introduced":"0"},{"last_affected":"16.04.2"},{"introduced":"0"},{"last_affected":"16.04.3"},{"introduced":"0"},{"last_affected":"16.04.4"},{"introduced":"0"},{"last_affected":"16.04.5"},{"introduced":"0"},{"last_affected":"16.04.6"},{"introduced":"0"},{"last_affected":"16.04.7"},{"introduced":"0"},{"last_affected":"16.10-rc1"},{"introduced":"0"},{"last_affected":"16.10-rc2"},{"introduced":"0"},{"last_affected":"16.10.0"},{"introduced":"0"},{"last_affected":"16.10.1"},{"introduced":"0"},{"last_affected":"16.10.2"},{"introduced":"0"},{"last_affected":"16.10.3"},{"introduced":"0"},{"last_affected":"16.10.4"},{"introduced":"0"},{"last_affected":"17.04-rc1"},{"introduced":"0"},{"last_affected":"17.04-rc2"},{"introduced":"0"},{"last_affected":"17.04.0"},{"introduced":"0"},{"last_affected":"17.04.1"},{"introduced":"0"},{"last_affected":"17.04.2"}]}}],"versions":["1.0.0ALPHA1_RELEASE","1.0.0ALPHA2_RELEASE","1.0.0BETA2_RELEASE","1.1.0ALPHA1_RELEASE","1.1.0ALPHA2_RELEASE","1.1.0ALPHA3_RELEASE","1.1.0BETA2_RELEASE","1.1.0BETA4_RELEASE","1.2.0ALPHA2_RELEASE","1.2.0ALPHA3_RELEASE","1.3.0BETA1_RELEASE","1.3.0BETA2_RELEASE","1.4.0ALPHA1_RELEASE","1.7RC1_RELEASE","1.8RC1_RELEASE","1.8RC2_RELEASE","15.04.0_RELEASE","15.04.10_RELEASE","15.04.11_RELEASE","15.04.12_RELEASE","15.04.13_RELEASE","15.04.1_RELEASE","15.04.2_RELEASE","15.04.3_RELEASE","15.04.4_RELEASE","15.04.5_RELEASE","15.04.6_RELEASE","15.04.7_RELEASE","15.04.8_RELEASE","15.04.9_RELEASE","15.04RC1_RELEASE","15.04RC2_RELEASE","16.04.0_RELEASE","16.04.1_RELEASE","16.04.2_RELEASE","16.04.3_RELEASE","16.04.4_RELEASE","16.04.5_RELEASE","16.04.6_RELEASE","16.04.7_RELEASE","16.04RC1_RELEASE","16.04RC2_RELEASE","16.10.0_RELEASE","16.10.1_RELEASE","16.10.2_RELEASE","16.10.3_RELEASE","16.10.4_RELEASE","16.10RC1_RELEASE","16.10RC2_RELEASE","17.04.0_RELEASE","17.04.1_RELEASE","17.04.2_RELEASE","17.04RC1_RELEASE","17.04RC2_RELEASE"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9551.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}