Forums | Mahara Community / Security announcements
Information disclosure in Mahara before 23.04.4 and 22.10.4
08 November 2023, 16:40
Kia ora Mahara community,
We have security updates available that fix an information disclosure issue that is also present in older unsupported versions of Mahara.
Current subscribers can access the code updates and details on the issue that was fixed:
Vulnerability type: Unsafe deserialization (tracked as Cross Site Scripting (XSS) in the bug report)
Attack type: Remote
Impact: Code execution
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 are vulnerable to unsafe deserialization of user input during skin import. A specially crafted XML file can cause code execution when it is processed.
Reported by: Marlon Starkloff
Bug report for XSS
CVE reference: CVE-2022-45134
Vulnerability type: Directory traversal
Attack type: Remote
Impact: Incorrect access control / Code execution
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 are vulnerable to unsafe font upload for skins. A specially crafted XML file can be used to traverse the server's file system and read protected files or, depending on the payload, to execute code.
Reported by: Marlon Starkloff
Bug report for directory traversal
CVE reference: CVE-2022-45133
Vulnerability type: Information disclosure
Attack type: Local
Impact: Information disclosure
Mahara before 22.10.4 and 23.x before 23.04.4 allow information disclosure when the experimental HTML bulk export is run from the administration interface or the CLI and the resulting export files are handed to the account holders. The files may contain images belonging to other account holders, because the cache is not cleared after one account's files have been exported.
Reported by: Francis Devine (Catalyst IT)
Bug report for HTML bulk export issue
CVE reference: CVE-2023-47799
If you prefer, the download packages are available via the 'Releases' page in the Subscriber Portal.
We recommend you update your instance of Mahara to the latest minor point release of the series of Mahara you are using, or if you are on an unsupported version of Mahara, upgrade to a supported one. Older unsupported versions of Mahara are vulnerable to this issue as well.
Mahara releases are available via a subscription. If you are on an unsupported version of Mahara, extended security support can be purchased as an add-on.
Thank you
Kristina
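The directory traversal entry above (CVE-2022-45133) is the kind of bug that a path containment check on the upload handler prevents. The following Python function is an added example, not code from the original post or from Mahara: it resolves each requested relative file name against the directory reserved for a skin's fonts and refuses anything that would land outside that directory or is not a font file. The advisory describes the payload as a crafted XML file; this example assumes the upload supplies relative file names (for instance the member names of an archive), and the directory path and the extension allowlist are assumptions rather than Mahara's own values.

```python
import os
import posixpath

# Assumed allowlist of font file types a skin may ship; not taken from Mahara.
ALLOWED_FONT_EXTENSIONS = {".ttf", ".otf", ".woff", ".woff2", ".eot", ".svg"}


def safe_font_destination(base_dir, entry_name):
    """Return the absolute path under base_dir at which the uploaded entry may be
    written, or None if the entry must be rejected.

    base_dir is the directory reserved for the skin's fonts; entry_name is the
    relative path the upload asks for (e.g. an archive member name). The check is
    done on the resolved path, not by searching for "../" substrings, so names
    such as "sub/../../x" are caught as well.
    """
    base = os.path.abspath(base_dir)

    # Reject names that cannot be a plain relative POSIX path: empty, embedded NUL,
    # Windows separators (ambiguous across platforms), or absolute paths.
    if not entry_name or "\0" in entry_name or "\\" in entry_name:
        return None
    if posixpath.isabs(entry_name):
        return None

    # Only font files may be written; this also blocks .php, .htaccess and friends.
    if posixpath.splitext(entry_name)[1].lower() not in ALLOWED_FONT_EXTENSIONS:
        return None

    # Resolve "." and ".." components, then require the result to stay inside base.
    dest = os.path.normpath(os.path.join(base, entry_name))
    if os.path.commonpath([base, dest]) != base or dest == base:
        return None
    return dest


def partition_font_entries(base_dir, entry_names):
    """Split upload entries into (accepted destination paths, rejected entry names)."""
    accepted, rejected = [], []
    for name in entry_names:
        dest = safe_font_destination(base_dir, name)
        if dest is None:
            rejected.append(name)
        else:
            accepted.append(dest)
    return accepted, rejected


# Constructed sample upload: two legitimate fonts plus typical hostile entries.
FONT_DIR = "/var/www/mahara-data/skins/fonts/incoming"  # assumed path, not Mahara's
SAMPLE_ENTRIES = [
    "OpenSans/OpenSans-Regular.ttf",         # accepted
    "OpenSans/sub/../OpenSans-Bold.woff2",   # ".." that resolves inside base: accepted
    "../../../config.php",                   # traversal and wrong file type
    "OpenSans/../../evil.ttf",               # right type, but resolves outside base
    "/etc/passwd",                           # absolute path
    "shell.php",                             # stays inside base but is not a font
]

if __name__ == "__main__":
    ok, bad = partition_font_entries(FONT_DIR, SAMPLE_ENTRIES)
    print("accepted:", ok)
    print("rejected:", bad)
```

The extension allowlist and the containment check are independent: "OpenSans/../../evil.ttf" passes the first and fails the second, "shell.php" the other way round, so neither check alone is enough.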
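The information disclosure entry above (CVE-2023-47799) comes down to a cache that is reused from one account's export to the next. The following Python model is an added example, not code from the original post or from Mahara: a toy bulk exporter renders each account's images into a cache keyed by file name and copies the whole cache into that account's bundle, which reproduces the leak when the cache is kept, and stops it when the cache is cleared per account. It also includes an audit function that an administrator could adapt to check bundles produced before the fix. The accounts, the file names and the cache model are constructed assumptions, and the code is Python rather than Mahara's PHP so that it runs stand-alone.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Account:
    id: int
    name: str
    images: tuple  # image files this account owns (constructed sample data)


class BulkHtmlExporter:
    """Toy model of a bulk HTML export: each account's images are rendered into a
    shared cache, and the cache contents are then copied into that account's
    bundle. The cache is a dict: file name -> id of the account that owns it."""

    def __init__(self, clear_cache_per_account):
        self.clear_cache_per_account = clear_cache_per_account
        self._cache = {}

    def _render_image(self, account, filename):
        # A real exporter writes the rendered image to a cache directory here; a
        # cache hit skips the work, which is why stale entries survive unnoticed.
        if filename not in self._cache:
            self._cache[filename] = account.id

    def export_account(self, account):
        for filename in account.images:
            self._render_image(account, filename)
        # Everything currently in the cache ends up in this account's bundle.
        bundle = {"account": account.id, "files": dict(self._cache)}
        if self.clear_cache_per_account:
            # The fix: the next account starts from an empty cache.
            self._cache.clear()
        return bundle

    def export_all(self, accounts):
        return [self.export_account(account) for account in accounts]


def foreign_files(bundle):
    """Files in a bundle owned by an account other than the bundle's owner."""
    return sorted(f for f, owner in bundle["files"].items() if owner != bundle["account"])


def audit_bundles(bundles):
    """Map each account id to the foreign files found in its bundle; empty means clean."""
    return {b["account"]: leaked for b in bundles if (leaked := foreign_files(b))}


# Constructed sample accounts; carol has no images at all.
ACCOUNTS = (
    Account(1, "alice", ("alice/profile.png", "alice/holiday.jpg")),
    Account(2, "bob", ("bob/profile.png",)),
    Account(3, "carol", ()),
)


def run_export(clear_cache_per_account):
    """Export all sample accounts and return the audit result."""
    exporter = BulkHtmlExporter(clear_cache_per_account)
    return audit_bundles(exporter.export_all(ACCOUNTS))


if __name__ == "__main__":
    print("cache kept between accounts:   ", run_export(False))
    print("cache cleared between accounts:", run_export(True))
```

In the unfixed run carol, who owns no images, still receives a bundle containing alice's and bob's files, which is why every bundle from an export made before the fix should be checked, not only those of accounts with many images.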