Catalyst It · Mahara · CVE-2017-1000137
**Name of the Vulnerable Software and Affected Versions**
Mahara versions prior to 1.10.0
Mahara versions 15.04 before 15.04.0
**Description**
The issue allows for possible cross-site scripting when adding a text block to a page via the keyboard.
**Recommendations**
For Mahara versions prior to 1.10.0, update to version 1.10.0 or later.
For Mahara versions 15.04 before 15.04.0, update to version 15.04.0 or later.