First published: Tue Jan 30 2018(Updated: )
An issue was discovered in Mahara before 18.10.0. It mishandled user requests that could discontinue a user's ability to maintain their own account (changing username, changing primary email address, deleting account). The correct behavior was to either prompt them for their password and/or send a warning to their primary email address.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mahara Mahara | <18.10.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-1000141 is a vulnerability found in Mahara before version 18.10.0 that mishandled user requests, potentially leading to unauthorized account modifications.
CVE-2017-1000141 has a severity keyword of 'medium' and a severity value of 6.5 out of 10.
CVE-2017-1000141 affects Mahara versions before 18.10.0 and could allow an attacker to disrupt a user's ability to maintain their account.
To fix CVE-2017-1000141, upgrade to Mahara version 18.10.0 or later.
You can find more information about CVE-2017-1000141 at the following reference: https://bugs.launchpad.net/mahara/+bug/1422492