Mahara Community - Security Announcements

Mahara Community

Forums /
Security Announcements

Subscribe to this forum to be notified about security fixes.

Topic	Posts	Last post
Closed Accessing page help causing path traversal in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon Vulnerability type: Path traversal	1	29 October 2021, 17:06 by Robert Lyon
Closed Tag syntax could cause code execution in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon	1	29 October 2021, 17:03 by Robert Lyon
Closed PDF export cause code execution in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon Vulnerability type: Code execution	1	29 October 2021, 17:02 by Robert Lyon
Closed Security issue with PHPMailer in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon A security issues has been resolved for an exte...	1	29 October 2021, 16:59 by Robert Lyon
Closed Exported CSV files could contain bad character syntax in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon Vulnerability type: Other (CSV Injection)	1	29 October 2021, 16:54 by Robert Lyon
Closed Web services token vulnerablity in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, by Robert Lyon	1	29 October 2021, 16:52 by Robert Lyon
Closed Security issue relating to SimpleSAML PHP <20.04.4 <20.10.2 <21.04.1 by Lisa Seeto Fix a security bug where in rare cases the data...	1	21 May 2021, 15:33 by Lisa Seeto
Closed Security issue relating to the SimpleSamlPhp <19.10.6, <20.04.3, <20.10.1 by Robert Lyon A potential security issue has been resolved fo...	1	05 May 2021, 10:26 by Robert Lyon
Closed Security issue relating to the PHPMailer <19.10.6, <20.04.3, <20.10.1 by Robert Lyon A security issues has been resolved for externa...	1	04 May 2021, 17:06 by Robert Lyon
Closed Security issue relating to jQuery in Mahara <19.04.7, <19.10.5, <20.04.2 by Kristina Hoeppner Hello,	1	22 October 2020, 22:51 by Kristina Hoeppner
Closed Security issue relating to the file browser <19.04.6, <19.10.4, <20.04.1 by Robert Lyon Avoid file or folder names containing JavaScrip...	1	04 August 2020, 16:13 by Robert Lyon
Closed Security issue relating to the third-party library SimpleSAMLPHP <19.04.6, <19.10.4, <20.04.1 by Robert Lyon One security issue has been resolved for Simple...	1	04 August 2020, 16:10 by Robert Lyon
Closed Security issue relating to the Elasticsearch results and Isolated institutions <18.10.6, <19.04.5, <19.10.3 by Robert Lyon Vulnerability type: Incorrect access control	1	30 April 2020, 12:26 by Robert Lyon
Closed Security issue relating to the third-party library SimpleSAMLPHP <18.10.5, <19.04.4, <19.10.2 by Kristina Hoeppner Two security issues have been resolved for Simp...	1	04 March 2020, 18:51 by Kristina Hoeppner
Closed Security issue relating to information disclosure <18.10.5, <19.04.4, <19.10.2 by Kristina Hoeppner Vulnerability type: Information disclosure; acc...	1	04 March 2020, 18:47 by Kristina Hoeppner
Closed Security issue relating to incorrect access control in Elasticsearch results <18.10.5, <19.04.4, <19.10.2 by Kristina Hoeppner Vulnerability type: Incorrect access control	1	04 March 2020, 18:38 by Kristina Hoeppner
Closed Security issue relating to third party library security upgrade <18.10.4 <19.04.3 <19.10.1 by Cecilia Vela The minor point releases 19.10.1, 19.04.3 and 1...	1	12 November 2019, 15:55 by Cecilia Vela
Closed Security issue relating to third party libraries security upgrades <18.04.6 <18.10.3 <19.04.2 by Cecilia Vela The minor point releases 19.04.2, 18.10.3 and 1...	1	01 November 2019, 14:23 by Cecilia Vela
Closed Security issue relating to Cross Site Scripting (XSS) <17.10.8; <18.04.4: <18.10.1 by Robert Lyon	1	30 April 2019, 19:26 by Robert Lyon
Closed Security issue relating to insecure permissions <17.10.8; <18.04.4: <18.10.1 by Robert Lyon Disable logins for everyone when root user is s...	1	30 April 2019, 19:24 by Robert Lyon
Closed Security issue relating to disclosing information <17.04.8; <17.10.5: <18.04.1 by Cecilia Vela Prevent disclosing usernames that are taken exp...	1	30 May 2018, 17:36 by Cecilia Vela
Closed Security issue relating to the upload of a virus-infected file <17.04.8; <17.10.5: <18.04.1 by Cecilia Vela Virus scanner does not check Leap2A zip files	1	30 May 2018, 17:35 by Cecilia Vela
Closed Security issue relating to disclosing information <17.04.8; <17.10.5: <18.04.1 by Cecilia Vela Prevent a back and refresh attack through the w...	1	30 May 2018, 17:31 by Cecilia Vela
Closed Security issue relating to cross-site scripting <16.10.9; <17.04.7; <17.10.4 by Robert Lyon Avoid relying on TinyMCE code stripping alone	1	06 April 2018, 11:32 by Robert Lyon
Closed Security issue relating to disclosing information <16.10.7; <17.04.5; <17.10.2 by Robert Lyon Have page forgotpass.php use captcha field (if ...	1	17 January 2018, 17:23 by Robert Lyon

111 topics

«Previous page
1
2
3
...5
»Next page

Group administrators:

Robert Lyon

Kristina Hoeppner

Lisa Seeto

Forums | Mahara Community

Forums / Security Announcements

Closed Accessing page help causing path traversal in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

Closed Tag syntax could cause code execution in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

Closed PDF export cause code execution in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

Closed Security issue with PHPMailer in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

Closed Exported CSV files could contain bad character syntax in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

Closed Web services token vulnerablity in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, by Robert Lyon

Closed Security issue relating to SimpleSAML PHP <20.04.4 <20.10.2 <21.04.1 by Lisa Seeto

Closed Security issue relating to the SimpleSamlPhp <19.10.6, <20.04.3, <20.10.1 by Robert Lyon

Closed Security issue relating to the PHPMailer <19.10.6, <20.04.3, <20.10.1 by Robert Lyon

Closed Security issue relating to jQuery in Mahara <19.04.7, <19.10.5, <20.04.2 by Kristina Hoeppner

Closed Security issue relating to the file browser <19.04.6, <19.10.4, <20.04.1 by Robert Lyon

Closed Security issue relating to the third-party library SimpleSAMLPHP <19.04.6, <19.10.4, <20.04.1 by Robert Lyon

Closed Security issue relating to the Elasticsearch results and Isolated institutions <18.10.6, <19.04.5, <19.10.3 by Robert Lyon

Closed Security issue relating to the third-party library SimpleSAMLPHP <18.10.5, <19.04.4, <19.10.2 by Kristina Hoeppner

Closed Security issue relating to information disclosure <18.10.5, <19.04.4, <19.10.2 by Kristina Hoeppner

Closed Security issue relating to incorrect access control in Elasticsearch results <18.10.5, <19.04.4, <19.10.2 by Kristina Hoeppner

Closed Security issue relating to third party library security upgrade <18.10.4 <19.04.3 <19.10.1 by Cecilia Vela

Closed Security issue relating to third party libraries security upgrades <18.04.6 <18.10.3 <19.04.2 by Cecilia Vela

Closed Security issue relating to Cross Site Scripting (XSS) <17.10.8; <18.04.4: <18.10.1 by Robert Lyon

Closed Security issue relating to insecure permissions <17.10.8; <18.04.4: <18.10.1 by Robert Lyon

Closed Security issue relating to disclosing information <17.04.8; <17.10.5: <18.04.1 by Cecilia Vela

Closed Security issue relating to the upload of a virus-infected file <17.04.8; <17.10.5: <18.04.1 by Cecilia Vela

Closed Security issue relating to disclosing information <17.04.8; <17.10.5: <18.04.1 by Cecilia Vela

Closed Security issue relating to cross-site scripting <16.10.9; <17.04.7; <17.10.4 by Robert Lyon

Closed Security issue relating to disclosing information <16.10.7; <17.04.5; <17.10.2 by Robert Lyon

Forums /
Security Announcements