Forums | Mahara Community

Security Announcements /
Multiple CSRF in Mahara 1.0.14, 1.1.8 and 1.2.4

This topic is closed. Only moderators and the group administrators can post new replies.

02 July 2010, 0:03

Category: Cross-site request forgery
Severity: Medium
Versions affected: < 1.0.15, < 1.1.9, < 1.2.5
Reported by: Mahara Team
Identifier: CVE-2010-1668

As part of a major security review, the Mahara team has identified and fixed a number of cross-site request forgery vulnerabilities in Mahara.

Upgrading to Mahara 1.0.15, 1.1.9 or 1.2.5 is recommended for all sites.

1 result