Total vulnerabilities in the database
Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery (CSRF) because randomly generated tokens are too easily guessable.
| Software | From | Fixed in |
|---|---|---|
| mahara / mahara | 22.04.0-rc1 | 22.04.0-rc1.x |
| mahara / mahara | 21.10.0 | 21.10.2 |
| mahara / mahara | 21.04.0 | 21.04.4 |
| mahara / mahara | - | 20.10.5 |