Vulnerability Database

291,049

Total vulnerabilities in the database

CVE-2017-1000142

Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to users being able to delete their submitted page through URL manipulation.

  • Published: Nov 3, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-1000142
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5.5
  • AV:N/AC:L/Au:S/C:N/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
mahara / mahara 1.8.1 1.8.1.x
mahara / mahara 1.8.2 1.8.2.x
mahara / mahara 1.8.3 1.8.3.x
mahara / mahara 1.8.4 1.8.4.x
mahara / mahara 1.8.5 1.8.5.x
mahara / mahara 1.8.0 1.8.0.x
mahara / mahara 1.8-rc2 1.8-rc2.x
mahara / mahara 1.8-rc1 1.8-rc1.x
mahara / mahara 1.8.6 1.8.6.x
mahara / mahara 1.9.1 1.9.1.x
mahara / mahara 1.9.2 1.9.2.x
mahara / mahara 1.9.3 1.9.3.x
mahara / mahara 1.9.0 1.9.0.x
mahara / mahara 1.9-rc1 1.9-rc1.x
mahara / mahara 1.9.4 1.9.4.x
mahara / mahara 1.10.0 1.10.0.x
mahara / mahara 1.10-rc1 1.10-rc1.x
mahara / mahara 1.10.1 1.10.1.x
mahara / mahara 1.10.2 1.10.2.x
mahara / mahara 15.04-rc1 15.04-rc1.x
mahara / mahara 15.04-rc2 15.04-rc2.x