First published: Mon Mar 09 2020(Updated: )
In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before 19.10.2, certain personal information is discoverable inspecting network responses on the 'Edit access' screen when sharing portfolios.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mahara Mahara | >=18.10.0<18.10.5 | |
Mahara Mahara | >=19.04.0<19.04.4 | |
Mahara Mahara | >=19.10.0<19.10.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Mahara vulnerability is CVE-2020-9282.
The severity level of CVE-2020-9282 is medium.
Mahara versions 18.10.0 to 18.10.5, 19.04.0 to 19.04.4, and 19.10.0 to 19.10.2 are affected by CVE-2020-9282.
CVE-2020-9282 allows certain personal information to be discoverable by inspecting network responses on the 'Edit access' screen when sharing portfolios.
Yes, you can find references for CVE-2020-9282 at the following links: [https://bugs.launchpad.net/mahara/+bug/1863043](https://bugs.launchpad.net/mahara/+bug/1863043) and [https://mahara.org/interaction/forum/topic.php?id=8590](https://mahara.org/interaction/forum/topic.php?id=8590)