First published: Fri Nov 03 2017(Updated: )
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to a user - in some circumstances causing another user's artefacts to be included in a Leap2a export of their own pages.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mahara Mahara | =15.04-rc1 | |
Mahara Mahara | =15.04-rc2 | |
Mahara Mahara | =15.04.0 | |
Mahara Mahara | =15.04.1 | |
Mahara Mahara | =15.04.2 | |
Mahara Mahara | =15.04.3 | |
Mahara Mahara | =15.04.4 | |
Mahara Mahara | =15.04.5 | |
Mahara Mahara | =15.04.6 | |
Mahara Mahara | =15.04.7 | |
Mahara Mahara | =16.04-rc1 | |
Mahara Mahara | =16.04-rc2 | |
Mahara Mahara | =16.04.0 | |
Mahara Mahara | =16.04.1 | |
Mahara Mahara | =15.10.0 | |
Mahara Mahara | =15.10.1 | |
Mahara Mahara | =15.10.2 | |
Mahara Mahara | =15.10.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-1000133 is a vulnerability in Mahara versions 15.04 before 15.04.8, 15.10 before 15.10.4, and 16.04 before 16.04.2.
CVE-2017-1000133 has a severity score of 7.5 (High).
CVE-2017-1000133 allows a user to include another user's artefacts in a Leap2a export of their own pages.
CVE-2017-1000133 affects Mahara versions 15.04 before 15.04.8, 15.10 before 15.10.4, and 16.04 before 16.04.2.
Yes, upgrading to Mahara versions 15.04.8, 15.10.4, or 16.04.2 will fix CVE-2017-1000133.