Secunia Security Advisory – Multiple vulnerabilities have been reported in Mahara, which can be exploited by malicious people to conduct cross-site scripting, cross-site request forgery, and SQL injection attacks and bypass certain security restrictions.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/91411/sa40431.txt
Source: https://packetstormsecurity.com/files/91411/Secunia-Security-Advisory-40431.html