Mahara Community - Security Announcements

Mahara Community

Forums /
Security Announcements

Subscribe to this forum to be notified about security fixes.

Topic	Posts	Last post
Security issue relating to access control in Mahara groups <15.04.9, <15.10.5, <16.04.3 by Aaron Wells Access to a group's configuration page is meant...	1	08 August 2016, 5:44 PM by Aaron Wells
Security issue relating to passwords <15.04.9, <15.10.5, <16.04.3 by Aaron Wells Under some error logging settings, Mahara print...	1	08 August 2016, 5:40 PM by Aaron Wells
Security issue relating to Access control and profile pictures <15.04.8, <15.10.4, <16.04.2 by Aaron Wells When a profile picture is accessed directly by ...	1	11 July 2016, 5:13 PM by Aaron Wells
Security issue relating to PHP injection <15.04.8, <15.10.4, <16.04.2 by Aaron Wells When importing a Skin from an XML file, Mahara ...	1	11 July 2016, 5:10 PM by Aaron Wells
Security issue relating to Access control and Leap2a export <15.04.8, <15.10.4, <16.04.2 by Aaron Wells A user could in some circumstances cause anothe...	1	11 July 2016, 5:02 PM by Aaron Wells
Security issue relating to User Authorization and expired institutions <15.04.8, <15.10.4, <16.04.2 by Aaron Wells Some authentication methods that do not use Mah...	1	11 July 2016, 4:57 PM by Aaron Wells
Security issue relating to User Authorization and XMLRP (MNet) <15.04.8, <15.10.4, <16.04.2 by Aaron Wells When Mahara is used for the identity provider i...	1	11 July 2016, 4:45 PM by Aaron Wells
Closed Security issue relating to session fixation in PHP 5.3, <15.04.7, <15.10.3 by Aaron Wells Changes to Mahara's session management in 15.04...	1	03 May 2016, 1:22 PM by Aaron Wells
Closed Security issue relating to session management <15.04.7, <15.10.3 by Aaron Wells Changes to Mahara's session management in 15.04...	1	03 May 2016, 1:20 PM by Aaron Wells
Security issue relating to XSS <1.10.9, <15.04.6, <15.10.2 by Son Nguyen XSS vulnerability due to window.opener (target=...	1	24 March 2016, 11:59 AM by Son Nguyen
Closed Security issue relating to CSRF <15.04.3, <1.10.6, <1.9.8 by Robert Lyon It is possible to perform a cross-site request ...	1	19 August 2015, 5:29 PM by Robert Lyon
Security issue relating to XSS <1.9.7, <1.10.5, <15.04.2 by Aaron Wells The title of the portfolio page was not being p...	1	10 July 2015, 6:19 PM by Aaron Wells
Security issue relating to access control <1.9.7, <1.10.5, <15.04.2 by Aaron Wells The site-level setting to disallow anonymous co...	1	10 July 2015, 6:11 PM by Aaron Wells
Security issue relating to Stored XSS <1.9.6, <1.10.4, <15.04.1 by Aaron Wells A site admin or institution admin can place HTM...	1	29 May 2015, 3:08 PM by Aaron Wells
Closed Security issue relating to Access control <1.8.6, <1.9.4, <1.10.1, <15.04.0 by Robert Lyon Session management issue where old sessions wer...	3	21 April 2015, 10:25 AM by Robert Lyon
Security issue relating to Access control <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon Able to receive watchlist notifications about p...	1	17 April 2015, 2:52 PM by Robert Lyon
Security issue relating to Escalation of privileges <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon Users can delete their submitted page through U...	1	17 April 2015, 2:51 PM by Robert Lyon
Security issue relating to Access control <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon Logged in users can stay logged in after the in...	1	17 April 2015, 2:50 PM by Robert Lyon
Security issue relating to XSS <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon A maliciously created .swf file can have it's c...	1	17 April 2015, 2:49 PM by Robert Lyon
Security issue relating to XSS <1.10.0, <15.04.0 by Robert Lyon Session management issue where old sessions wer...	1	17 April 2015, 2:47 PM by Robert Lyon
Security issue relating to XSS <1.10.0, <15.04.0 by Robert Lyon Possible cross site scripting when adding text ...	1	17 April 2015, 2:46 PM by Robert Lyon
Security issue relating to XSS <1.10.0, <15.04.0 by Robert Lyon Possible cross site scripting when dragging/dro...	1	17 April 2015, 2:45 PM by Robert Lyon
Security issue relating to XSS <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon A maliciously created .xml file can have it's c...	1	17 April 2015, 2:44 PM by Robert Lyon
Closed Security issue relating to disclosure of sys info <1.8.6, <1.9.4, <1.10.1 by Robert Lyon Minor version number displayed in JS, CSS links	2	27 November 2014, 8:36 AM by Robert Lyon
Closed Security issue relating to session fixation and privilege escalation <1.8.6, <1.9.4, <1.10.1 by Robert Lyon Password reset key leaked via HTTP "Referer" fi...	1	26 November 2014, 1:36 PM by Robert Lyon

76 topics

«Previous page
1
2
3
4
»Next page

Group administrators:

Robert Lyon

Aaron Wells

Kristina Hoeppner

Son Nguyen

Forums | Mahara Community

Forums /
Security Announcements

Security issue relating to access control in Mahara groups <15.04.9, <15.10.5, <16.04.3 by Aaron Wells

Security issue relating to passwords <15.04.9, <15.10.5, <16.04.3 by Aaron Wells

Security issue relating to Access control and profile pictures <15.04.8, <15.10.4, <16.04.2 by Aaron Wells

Security issue relating to PHP injection <15.04.8, <15.10.4, <16.04.2 by Aaron Wells

Security issue relating to Access control and Leap2a export <15.04.8, <15.10.4, <16.04.2 by Aaron Wells

Security issue relating to User Authorization and expired institutions <15.04.8, <15.10.4, <16.04.2 by Aaron Wells

Security issue relating to User Authorization and XMLRP (MNet) <15.04.8, <15.10.4, <16.04.2 by Aaron Wells

Closed Security issue relating to session fixation in PHP 5.3, <15.04.7, <15.10.3 by Aaron Wells

Closed Security issue relating to session management <15.04.7, <15.10.3 by Aaron Wells

Security issue relating to XSS <1.10.9, <15.04.6, <15.10.2 by Son Nguyen

Closed Security issue relating to CSRF <15.04.3, <1.10.6, <1.9.8 by Robert Lyon

Security issue relating to XSS <1.9.7, <1.10.5, <15.04.2 by Aaron Wells

Security issue relating to access control <1.9.7, <1.10.5, <15.04.2 by Aaron Wells

Security issue relating to Stored XSS <1.9.6, <1.10.4, <15.04.1 by Aaron Wells

Closed Security issue relating to Access control <1.8.6, <1.9.4, <1.10.1, <15.04.0 by Robert Lyon

Security issue relating to Access control <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon

Security issue relating to Escalation of privileges <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon

Security issue relating to Access control <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon

Security issue relating to XSS <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon

Security issue relating to XSS <1.10.0, <15.04.0 by Robert Lyon

Security issue relating to XSS <1.10.0, <15.04.0 by Robert Lyon

Security issue relating to XSS <1.10.0, <15.04.0 by Robert Lyon

Security issue relating to XSS <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon

Closed Security issue relating to disclosure of sys info <1.8.6, <1.9.4, <1.10.1 by Robert Lyon

Closed Security issue relating to session fixation and privilege escalation <1.8.6, <1.9.4, <1.10.1 by Robert Lyon

Login Help

Forums | Mahara Community

Forums / Security Announcements

Security issue relating to access control in Mahara groups <15.04.9, <15.10.5, <16.04.3 by Aaron Wells

Security issue relating to passwords <15.04.9, <15.10.5, <16.04.3 by Aaron Wells

Security issue relating to Access control and profile pictures <15.04.8, <15.10.4, <16.04.2 by Aaron Wells

Security issue relating to PHP injection <15.04.8, <15.10.4, <16.04.2 by Aaron Wells

Security issue relating to Access control and Leap2a export <15.04.8, <15.10.4, <16.04.2 by Aaron Wells

Security issue relating to User Authorization and expired institutions <15.04.8, <15.10.4, <16.04.2 by Aaron Wells

Security issue relating to User Authorization and XMLRP (MNet) <15.04.8, <15.10.4, <16.04.2 by Aaron Wells

Closed Security issue relating to session fixation in PHP 5.3, <15.04.7, <15.10.3 by Aaron Wells

Closed Security issue relating to session management <15.04.7, <15.10.3 by Aaron Wells

Security issue relating to XSS <1.10.9, <15.04.6, <15.10.2 by Son Nguyen

Closed Security issue relating to CSRF <15.04.3, <1.10.6, <1.9.8 by Robert Lyon

Security issue relating to XSS <1.9.7, <1.10.5, <15.04.2 by Aaron Wells

Security issue relating to access control <1.9.7, <1.10.5, <15.04.2 by Aaron Wells

Security issue relating to Stored XSS <1.9.6, <1.10.4, <15.04.1 by Aaron Wells

Closed Security issue relating to Access control <1.8.6, <1.9.4, <1.10.1, <15.04.0 by Robert Lyon

Security issue relating to Access control <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon

Security issue relating to Escalation of privileges <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon

Security issue relating to Access control <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon

Security issue relating to XSS <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon

Security issue relating to XSS <1.10.0, <15.04.0 by Robert Lyon

Security issue relating to XSS <1.10.0, <15.04.0 by Robert Lyon

Security issue relating to XSS <1.10.0, <15.04.0 by Robert Lyon

Security issue relating to XSS <1.8.7, <1.9.5, <1.10.3, <15.04.0 by Robert Lyon

Closed Security issue relating to disclosure of sys info <1.8.6, <1.9.4, <1.10.1 by Robert Lyon

Closed Security issue relating to session fixation and privilege escalation <1.8.6, <1.9.4, <1.10.1 by Robert Lyon

Login Help

Forums /
Security Announcements