Forums | Mahara Community

Security Announcements /
Security issue relating to Access control <1.8.6, <1.9.4, <1.10.1, <15.04.0


This topic is closed. Only moderators and the group administrators can post new replies.
Robert Lyon's profile picture
Posts: 776

17 April 2015, 14:48

Session management issue where old sessions were not invalidating after password change.

Category: Access control
Severity: High
Versions affected: <1.8.6, <1.9.4, <1.10.1, <15.04.0
Reported by: Abhishek Dashora
Bug reports: https://bugs.launchpad.net/mahara/+bug/1363873
CVE reference: 2017-1000136

Edits to this post:

Melvin Romero's profile picture
Posts: 6

18 April 2015, 6:51

Hi Robert,

I think the title and description do not match the bug report link you provided. It points the bug :

Group member can't access their own group file

Robert Lyon's profile picture
Posts: 776
3 results