Forums | Mahara Community

Forums /
Security Announcements


Subscribe to this forum to be notified about security fixes.

Topic Posts Last post

Closed Escalation of privileges, info disclosure, XSS exploits before Mahara 24.04.5 and Mahara 23.04.9 by Kristina Hoeppner



3 08 October 2024, 14:57

by Kristina Hoeppner

Closed XSS exploit in Mahara before 24.04.4, 23.04.8 by Kristina Hoeppner

Hello,
1 10 July 2024, 16:55

by Kristina Hoeppner

Closed XSS exploits and escalation of privileges in Mahara before 24.04.2 and 23.04.7 by Kristina Hoeppner

Kia ora Mahara community,
1 09 July 2024, 7:16

by Kristina Hoeppner

Closed XSS exploit in Mahara before 24.04.1, 23.04.6, and 22.10.6 by Kristina Hoeppner

Kia ora Mahara community,
1 14 May 2024, 19:58

by Kristina Hoeppner

Closed Information disclosure in Mahara before 23.04.4 and 22.10.4 by Kristina Hoeppner

Kia ora Mahara community,
1 08 November 2023, 16:40

by Kristina Hoeppner

Closed Information disclosure in Mahara before 21.04.7, 21.10.5, 22.04.3, and 22.10.0 by Kristina Hoeppner

Critical
1 01 November 2022, 18:01

by Kristina Hoeppner

Closed Incorrect access control in Mahara before 21.04.7, 21.10.5, 22.04.3, and 22.10.0 by Kristina Hoeppner

Vulnerability type: Incorrect access control
1 01 November 2022, 18:00

by Kristina Hoeppner

Closed Information disclosure in Mahara before 21.04.6, 21.10.4, and 22.04.2 and all versions of 20.04 and 20.10 by Kristina Hoeppner

Critical
1 16 June 2022, 15:48

by Kristina Hoeppner

Closed XSS exploit in 'External media' block in Mahara before 20.10.5, 21.04.4, and 21.10.2 by Robert Lyon



1 27 April 2022, 13:21

by Robert Lyon

Closed Strengthen the random generated tokens in Mahara before 20.10.5, 21.04.4, and 21.10.2 by Robert Lyon



1 27 April 2022, 13:20

by Robert Lyon

Closed Group search list shows too many results from page 2 onwards in Mahara before 20.10.5, 21.04.4, and 21.10.2 by Robert Lyon

Group search page shows too many results when i...
1 27 April 2022, 13:17

by Robert Lyon

Closed Mahara and Spring framework? by Kristina Hoeppner

Hello,
1 01 April 2022, 22:10

by Kristina Hoeppner

Closed Private group, site, or institution portfolios can be accessed by the URL without logging in by going to the URL in Mahara before 21.10.1 and 21.04.3 by Doris ⚡

Vulnerability type: Incorrect access control
1 09 February 2022, 17:26

by Doris ⚡

Closed Command injection when PDF bulk is enabled in Mahara before in Mahara before 21.10.1, 21.04.3, and 20.10.4 by Doris ⚡

This is a follow-up for an already released sec...
1 09 February 2022, 17:24

by Doris ⚡

Closed Able to see the name of another account holder’s folder in Mahara before 21.10.1, 21.04.3, and 20.10.4 by Doris ⚡

Vulnerability type: Incorrect access control
1 09 February 2022, 17:23

by Doris ⚡

Closed Accessing page help causing path traversal in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

Vulnerability type: Path traversal
1 29 October 2021, 17:06

by Robert Lyon

Closed Tag syntax could cause code execution in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

 
1 29 October 2021, 17:03

by Robert Lyon

Closed PDF export cause code execution in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

Vulnerability type: Code execution
1 29 October 2021, 17:02

by Robert Lyon

Closed Security issue with PHPMailer in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

A security issues has been resolved for an exte...
1 29 October 2021, 16:59

by Robert Lyon

Closed Exported CSV files could contain bad character syntax in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

Vulnerability type: Other (CSV Injection)
1 29 October 2021, 16:54

by Robert Lyon

Closed Web services token vulnerablity in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, by Robert Lyon



1 29 October 2021, 16:52

by Robert Lyon

Closed Security issue relating to SimpleSAML PHP <20.04.4 <20.10.2 <21.04.1 by Lisa Seeto

Fix a security bug where in rare cases the data...
1 21 May 2021, 15:33

by Lisa Seeto

Closed Security issue relating to the SimpleSamlPhp <19.10.6, <20.04.3, <20.10.1 by Robert Lyon

A potential security issue has been resolved fo...
1 05 May 2021, 10:26

by Robert Lyon

Closed Security issue relating to the PHPMailer <19.10.6, <20.04.3, <20.10.1 by Robert Lyon

A security issues has been resolved for externa...
1 04 May 2021, 17:06

by Robert Lyon

Closed Security issue relating to jQuery in Mahara <19.04.7, <19.10.5, <20.04.2 by Kristina Hoeppner

Hello,
1 22 October 2020, 22:51

by Kristina Hoeppner

126 topics

Moderators:

Doris ⚡'s profile picture Doris ⚡