Vulnerability Database

291,049

Total vulnerabilities in the database

CVE-2017-1000135

Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable as logged-in users can stay logged in after the institution they belong to is suspended.

  • Published: Nov 3, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-1000135
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
mahara / mahara 1.8.1 1.8.1.x
mahara / mahara 1.8.2 1.8.2.x
mahara / mahara 1.8.3 1.8.3.x
mahara / mahara 1.8.4 1.8.4.x
mahara / mahara 1.8.5 1.8.5.x
mahara / mahara 1.8.0 1.8.0.x
mahara / mahara 1.8-rc2 1.8-rc2.x
mahara / mahara 1.8-rc1 1.8-rc1.x
mahara / mahara 1.8.6 1.8.6.x
mahara / mahara 1.9.1 1.9.1.x
mahara / mahara 1.9.2 1.9.2.x
mahara / mahara 1.9.3 1.9.3.x
mahara / mahara 1.9.0 1.9.0.x
mahara / mahara 1.9-rc1 1.9-rc1.x
mahara / mahara 1.9.4 1.9.4.x
mahara / mahara 1.10.0 1.10.0.x
mahara / mahara 1.10-rc1 1.10-rc1.x
mahara / mahara 1.10.1 1.10.1.x
mahara / mahara 1.10.2 1.10.2.x
mahara / mahara 15.04-rc1 15.04-rc1.x
mahara / mahara 15.04-rc2 15.04-rc2.x