Debian Security Advisory 1778-1 - It was discovered that mahara, an electronic portfolio, weblog, and resume builder, is prone to cross-site scripting (XSS) attacks because of missing input sanitization of the introduction text field in user profiles and any text field in a user view.
8e0d38429163229befdfea8c53107cdf16af82d127ee36f91ccf85c90f4dcf64