CVE-2017-1000151

Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to passwords or other sensitive information being passed by unusual parameters to end up in an error log.

Published: Nov 3, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-1000151
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
mahara / mahara	15.04-rc1	15.04-rc1.x
mahara / mahara	15.04-rc2	15.04-rc2.x
mahara / mahara	15.04.8	15.04.8.x
mahara / mahara	15.04.7	15.04.7.x
mahara / mahara	15.04.6	15.04.6.x
mahara / mahara	15.04.5	15.04.5.x
mahara / mahara	15.04.4	15.04.4.x
mahara / mahara	15.04.3	15.04.3.x
mahara / mahara	15.04.2	15.04.2.x
mahara / mahara	15.04.1	15.04.1.x
mahara / mahara	15.04.0	15.04.0.x
mahara / mahara	16.04-rc1	16.04-rc1.x
mahara / mahara	16.04-rc2	16.04-rc2.x
mahara / mahara	16.04.0	16.04.0.x
mahara / mahara	16.04.1	16.04.1.x
mahara / mahara	16.04.2	16.04.2.x
mahara / mahara	15.10.0	15.10.0.x
mahara / mahara	15.10.1	15.10.1.x
mahara / mahara	15.10.2	15.10.2.x
mahara / mahara	15.10.3	15.10.3.x
mahara / mahara	15.10.4	15.10.4.x

https://bugs.launchpad.net/mahara/+bug/1570221

Vulnerability Database

291,049

CVE-2017-1000151