First published: Fri Nov 03 2017(Updated: )
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to users receiving watchlist notifications about pages they do not have access to anymore.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mahara Mahara | =1.8-rc1 | |
Mahara Mahara | =1.8-rc2 | |
Mahara Mahara | =1.8.0 | |
Mahara Mahara | =1.8.1 | |
Mahara Mahara | =1.8.2 | |
Mahara Mahara | =1.8.3 | |
Mahara Mahara | =1.8.4 | |
Mahara Mahara | =1.8.5 | |
Mahara Mahara | =1.8.6 | |
Mahara Mahara | =1.9-rc1 | |
Mahara Mahara | =1.9.0 | |
Mahara Mahara | =1.9.1 | |
Mahara Mahara | =1.9.2 | |
Mahara Mahara | =1.9.3 | |
Mahara Mahara | =1.9.4 | |
Mahara Mahara | =1.10-rc1 | |
Mahara Mahara | =1.10.0 | |
Mahara Mahara | =1.10.1 | |
Mahara Mahara | =1.10.2 | |
Mahara Mahara | =15.04-rc1 | |
Mahara Mahara | =15.04-rc2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to users receiving watchlist notifications about pages they do not have access to anymore.
The severity of Mahara vulnerability CVE-2017-1000143 is medium with a CVSS score of 4.3.
To fix Mahara vulnerability CVE-2017-1000143, upgrade to Mahara version 1.8.7, 1.9.5, 1.10.3, or 15.04.0.
More information about Mahara vulnerability CVE-2017-1000143 can be found at the following link: [link](https://bugs.launchpad.net/mahara/+bug/1429647).
The CWE-ID associated with Mahara vulnerability CVE-2017-1000143 is 200.