In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before 19.10.2, certain personal information is discoverable inspecting network responses on the 'Edit access' screen when sharing portfolios.
Reported by: Kristina Hoeppner and Robert Lyon (Catalyst IT)
Bug report: Launchpad bug 1863043
CVE reference: CVE-2020-9282
Get the latest releases from our Git repository. You can also download them from Launchpad:
]]>