Mahara Community

TABS

Forums > Security Announcements

Subscribe to this forum to be notified about security fixes.

Topics

Topic	Poster	Posts	Last post
Security issues in HTML Purifier external library in <1.6.9, <1.7.5, <1.8.2 Mahara uses the external HTML Purifier library ...	Aaron Wells	1	03 April 2014, 3:42 PM by Aaron Wells
Suspended user access vulnerability in <1.6.9, <1.7.5, <1.8.2 Suspended users can login via the "reset passwo...	Aaron Wells	1	03 April 2014, 3:35 PM by Aaron Wells
Access Folder Artefact Vulnerabilities in <1.5.13, <1.6.8, <1.7.4 Unauthorized access to a folder by group members	Son Nguyen	1	31 October 2013, 4:32 PM by Son Nguyen
Cross-site Scripting Vulnerability in <1.5.12, <1.6.7, <1.7.3 Category: Cross-site Scripting	Aaron Wells	1	03 October 2013, 10:59 PM by Aaron Wells
Multiple Access Control Vulnerabilities in <1.5.12, <1.6.7, <1.7.3 Multiple Access Control Vulnerabilities in <1.5...	Aaron Wells	1	03 October 2013, 10:49 PM by Aaron Wells
RSS feed password vulnerability <1.5.10, <1.6.5, <1.7.1 Potential compromise of stored passwords in RSS...	Aaron Wells	1	03 May 2013, 12:54 PM by Aaron Wells
Cross-site Scripting Vulnerability <1.5.9, <1.6.4 Stored XSS vulnerability in Mahara's usage of T...	Aaron Wells	1	15 April 2013, 6:18 PM by Aaron Wells
External vulnerability in Mahara flowplayer in <1.5.8 and <1.6.3 Cross site scripting vulnerability in external ...	Melissa Draper	1	15 February 2013, 4:58 PM by Melissa Draper
Cross-site Scripting vulnerability in Mahara <1.5.8 and <1.6.3 Cross-site Scripting Vulnerability	Melissa Draper	1	15 February 2013, 4:38 PM by Melissa Draper
Cross-site Scripting Vulnerability < 1.5.7, < 1.6.2 Cross-site Scripting Vulnerability Category:...	Hugh Davenport	2	23 November 2012, 4:16 PM by Melissa Draper
Click Jacking Vulnerability Click Jacking Vulnerability	Hugh Davenport	1	09 October 2012, 11:19 PM by Hugh Davenport
Cross-site Scripting Vulnerability Cross-site Scripting Vulnerability	Hugh Davenport	1	09 October 2012, 11:17 PM by Hugh Davenport
Multiple Cross-site Scripting Vulnerabilities Multiple Cross-site Scripting Vulnerabilities	Hugh Davenport	1	09 October 2012, 11:16 PM by Hugh Davenport
Remote Code Execution Vulnerability Remote Code Execution Vulnerability	Hugh Davenport	1	09 October 2012, 11:13 PM by Hugh Davenport
Conclusion of the Security Bug Bounty Hello,	Kristina Hoeppner	1	04 October 2012, 9:13 PM by Kristina Hoeppner
XML External Entities Vulnerability in versions 1.4.3 and 1.5.2 XML External Entities Vulnerability in versions...	Melissa Draper	1	13 September 2012, 8:53 PM by Melissa Draper
Multiple Cross-site Scripting Vulnerabilities in versions 1.4.2 and 1.5.1 Multiple Cross-site Scripting Vulnerabilities i...	Melissa Draper	1	31 July 2012, 1:45 AM by Melissa Draper
Insecure defaults in SAML plugin This security issue only affects sites which ma...	François Marier	1	15 February 2012, 8:52 PM by François Marier
Privilege Escalation (MNet) in Mahara 1.4.0 and 1.3.6 Category: Privilege Escalation Seve...	François Marier	1	03 November 2011, 5:56 PM by François Marier
Cross-site Request Forgery in Mahara 1.4.0 and 1.3.6 Category: Cross-site Request Forgery ...	François Marier	1	03 November 2011, 5:52 PM by François Marier
Cross-site Scripting in Mahara 1.4.0 and 1.3.6 Category: Cross-site Scripting Seve...	François Marier	1	03 November 2011, 5:48 PM by François Marier
Information Disclosure in Mahara 1.4.0 and 1.3.6 Category: Information Disclosure Se...	François Marier	1	03 November 2011, 5:46 PM by François Marier
Denial of Service in Mahara 1.4.0 and 1.3.6 Category: Denial of Service Severit...	François Marier	1	03 November 2011, 5:42 PM by François Marier
HTTPS downgrade in Mahara 1.2.8 and 1.3.5 Category: HTTPS to HTTP downgrade S...	François Marier	1	09 May 2011, 9:06 PM by François Marier
Cross-site scripting bugs in Mahara 1.2.8 and 1.3.5 Category: Cross-site scripting Seve...	François Marier	1	09 May 2011, 9:03 PM by François Marier

« First← Previous12Next →Last »

46 topics

MENU

Mahara Community

TABS

Forums > Security Announcements

Topics

Security issues in HTML Purifier external library in <1.6.9, <1.7.5, <1.8.2

Suspended user access vulnerability in <1.6.9, <1.7.5, <1.8.2

Access Folder Artefact Vulnerabilities in <1.5.13, <1.6.8, <1.7.4

Cross-site Scripting Vulnerability in <1.5.12, <1.6.7, <1.7.3

Multiple Access Control Vulnerabilities in <1.5.12, <1.6.7, <1.7.3

RSS feed password vulnerability <1.5.10, <1.6.5, <1.7.1

Cross-site Scripting Vulnerability <1.5.9, <1.6.4

External vulnerability in Mahara flowplayer in <1.5.8 and <1.6.3

Cross-site Scripting vulnerability in Mahara <1.5.8 and <1.6.3

Cross-site Scripting Vulnerability < 1.5.7, < 1.6.2

Click Jacking Vulnerability

Cross-site Scripting Vulnerability

Multiple Cross-site Scripting Vulnerabilities

Remote Code Execution Vulnerability

Conclusion of the Security Bug Bounty

XML External Entities Vulnerability in versions 1.4.3 and 1.5.2

Multiple Cross-site Scripting Vulnerabilities in versions 1.4.2 and 1.5.1

Insecure defaults in SAML plugin

Privilege Escalation (MNet) in Mahara 1.4.0 and 1.3.6

Cross-site Request Forgery in Mahara 1.4.0 and 1.3.6

Cross-site Scripting in Mahara 1.4.0 and 1.3.6

Information Disclosure in Mahara 1.4.0 and 1.3.6

Denial of Service in Mahara 1.4.0 and 1.3.6

HTTPS downgrade in Mahara 1.2.8 and 1.3.5

Cross-site scripting bugs in Mahara 1.2.8 and 1.3.5

Login

Mahara Community

QUICKLINKS

Support

Get involved

About

Partners

Download Mahara

Demo site

Home