First published: Wed May 30 2018(Updated: )
Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to mentioning the usernames that are already taken by people registered in the system rather than masking that information.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mahara Mahara | >=17.04.0<17.04.8 | |
Mahara Mahara | >=17.10.0<17.10.5 | |
Mahara Mahara | =18.04.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-11565 is a vulnerability in Mahara versions 17.04 before 17.04.8, 17.10 before 17.10.5, and 18.04 before 18.04.1 that allows mentioning usernames that are already taken by people registered in the system.
CVE-2018-11565 has a severity rating of medium with a CVSS score of 5.3.
Mahara versions 17.04 before 17.04.8, 17.10 before 17.10.5, and 18.04 before 18.04.1 are affected by CVE-2018-11565.
CVE-2018-11565 falls under the CWE category 200, which is Information Exposure.
To fix CVE-2018-11565, it is recommended to upgrade to the latest patched version of Mahara.