|
|
Topic |
Poster |
Posts |
Last post |
|
|
Minor version number displayed in JS, CSS links
|
Robert Lyon
|
2 |
27 November 2014, 8:36 AM by
Robert Lyon
|
|
|
|
Password reset key leaked via HTTP "Referer" fi...
|
Robert Lyon
|
1 |
26 November 2014, 1:36 PM by
Robert Lyon
|
|
|
|
Author not anonymised on "Shared with me" page ...
|
Robert Lyon
|
1 |
26 November 2014, 12:18 PM by
Robert Lyon
|
|
|
|
Secret URL access permissions not cleared on lo...
|
Robert Lyon
|
1 |
26 November 2014, 12:17 PM by
Robert Lyon
|
|
|
|
SSRF (Server Side Request Forgery) is a vulnera...
|
Robert Lyon
|
1 |
26 November 2014, 12:14 PM by
Robert Lyon
|
|
|
|
Institution display names were not always prope...
|
Aaron Wells
|
1 |
22 October 2014, 4:18 PM by
Aaron Wells
|
|
|
|
Mahara institutions that use LDAP for authentic...
|
Robert Lyon
|
1 |
01 August 2014, 12:13 PM by
Robert Lyon
|
|
|
|
Mahara uses the external HTML Purifier library ...
|
Aaron Wells
|
1 |
03 April 2014, 3:42 PM by
Aaron Wells
|
|
|
|
Suspended users can login via the "reset passwo...
|
Aaron Wells
|
1 |
03 April 2014, 3:35 PM by
Aaron Wells
|
|
|
|
Unauthorized access to a folder by group members
|
Son Nguyen
|
1 |
31 October 2013, 4:32 PM by
Son Nguyen
|
|
|
|
Category: Cross-site Scripting
|
Aaron Wells
|
1 |
03 October 2013, 10:59 PM by
Aaron Wells
|
|
|
|
Multiple Access Control Vulnerabilities in <1.5...
|
Aaron Wells
|
1 |
03 October 2013, 10:49 PM by
Aaron Wells
|
|
|
|
Potential compromise of stored passwords in RSS...
|
Aaron Wells
|
1 |
03 May 2013, 12:54 PM by
Aaron Wells
|
|
|
|
Stored XSS vulnerability in Mahara's usage of T...
|
Aaron Wells
|
1 |
15 April 2013, 6:18 PM by
Aaron Wells
|
|
|
|
Cross site scripting vulnerability in external ...
|
Melissa Draper
|
1 |
15 February 2013, 4:58 PM by
Melissa Draper
|
|
|
|
Cross-site Scripting Vulnerability
|
Melissa Draper
|
1 |
15 February 2013, 4:38 PM by
Melissa Draper
|
|
|
|
Cross-site Scripting Vulnerability
Category:...
|
Hugh Davenport
|
2 |
23 November 2012, 4:16 PM by
Melissa Draper
|
|
|
|
Click Jacking Vulnerability
|
Hugh Davenport
|
1 |
09 October 2012, 11:19 PM by
Hugh Davenport
|
|
|
|
Cross-site Scripting Vulnerability
|
Hugh Davenport
|
1 |
09 October 2012, 11:17 PM by
Hugh Davenport
|
|
|
|
Multiple Cross-site Scripting Vulnerabilities
|
Hugh Davenport
|
1 |
09 October 2012, 11:16 PM by
Hugh Davenport
|
|
|
|
Remote Code Execution Vulnerability
|
Hugh Davenport
|
1 |
09 October 2012, 11:13 PM by
Hugh Davenport
|
|
|
|
Hello,
|
Kristina Hoeppner
|
1 |
04 October 2012, 9:13 PM by
Kristina Hoeppner
|
|
|
|
XML External Entities Vulnerability in versions...
|
Melissa Draper
|
1 |
13 September 2012, 8:53 PM by
Melissa Draper
|
|
|
|
Multiple Cross-site Scripting Vulnerabilities i...
|
Melissa Draper
|
1 |
31 July 2012, 1:45 AM by
Melissa Draper
|
|
|
|
This security issue only affects sites which ma...
|
François Marier
|
1 |
15 February 2012, 8:52 PM by
François Marier
|
