Debian Security Advisory 1822-1 - It was discovered that mahara, an electronic portfolio, weblog, and resume builder is prone to several cross-site scripting attacks, which allow an attacker to inject arbitrary HTML or script code and steal potential sensitive data from other users.
70c1ca906437e7d6c7e45bd64c5bf1389a3aa517f8ae08d92e53b44931f8e0f5