Debian Security Advisory 1778-1 – It was discovered that mahara, an electronic portfolio, weblog, and resume builder, is prone to cross-site scripting (XSS) attacks because of missing input sanitization of the introduction text field in user profiles and any text field in a user view.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/76906/dsa-1778-1.txt
Source: https://packetstormsecurity.com/files/76906/Debian-Linux-Security-Advisory-1778-1.html