Vulnerability Database

318,251

Total vulnerabilities in the database

CVE-2017-1000134

Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are vulnerable because group members can lose access to the group files they uploaded if another group member changes the access permissions on them.

Published: Nov 3, 2017
Updated: Nov 9, 2025
CVE: CVE-2017-1000134
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

CWE-732

Affected Software
References

Software	From	Fixed in
mahara / mahara	1.8.1	1.8.1.x
mahara / mahara	1.8.2	1.8.2.x
mahara / mahara	1.8.3	1.8.3.x
mahara / mahara	1.8.4	1.8.4.x
mahara / mahara	1.8.5	1.8.5.x
mahara / mahara	1.8.0	1.8.0.x
mahara / mahara	1.8-rc2	1.8-rc2.x
mahara / mahara	1.8-rc1	1.8-rc1.x
mahara / mahara	1.9.1	1.9.1.x
mahara / mahara	1.9.2	1.9.2.x
mahara / mahara	1.9.3	1.9.3.x
mahara / mahara	1.9.0	1.9.0.x
mahara / mahara	1.9-rc1	1.9-rc1.x
mahara / mahara	1.10.0	1.10.0.x
mahara / mahara	1.10-rc1	1.10-rc1.x
mahara / mahara	15.04-rc1	15.04-rc1.x
mahara / mahara	15.04-rc2	15.04-rc2.x

https://bugs.launchpad.net/mahara/+bug/1267686

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo