Forums | Mahara Community

Security Announcements /
Security issue relating to Access control <1.8.6, <1.9.4, <1.10.1, <15.04.0

This topic is closed. Only moderators and the group administrators can post new replies.
Robert Lyon's profile picture
Posts: 439

17 April 2015, 2:48 PM

Session management issue where old sessions were not invalidating after password change.

Category: Access control
Severity: High
Versions affected: <1.8.6, <1.9.4, <1.10.1, <15.04.0
Reported by: Abhishek Dashora
Bug reports:
CVE reference: 2017-1000136

Edits to this post:
Melvin Romero's profile picture
Posts: 6

18 April 2015, 6:51 AM

Hi Robert,

I think the title and description do not match the bug report link you provided. It points the bug :

Group member can't access their own group file

Robert Lyon's profile picture
Posts: 439
3 results