Forums | Mahara Community

Forums /
Security Announcements


Subscribe to this forum to be notified about security fixes.

Topic Posts Last post

Closed Information disclosure in Mahara before 21.04.6, 21.10.4, and 22.04.2 and all versions of 20.04 and 20.10 by Kristina Hoeppner

Critical
1 16 June 2022, 15:48

by Kristina Hoeppner

Closed XSS exploit in 'External media' block in Mahara before 20.10.5, 21.04.4, and 21.10.2 by Robert Lyon



1 27 April 2022, 13:21

by Robert Lyon

Closed Strengthen the random generated tokens in Mahara before 20.10.5, 21.04.4, and 21.10.2 by Robert Lyon



1 27 April 2022, 13:20

by Robert Lyon

Closed Group search list shows too many results from page 2 onwards in Mahara before 20.10.5, 21.04.4, and 21.10.2 by Robert Lyon

Group search page shows too many results when i...
1 27 April 2022, 13:17

by Robert Lyon

Closed Mahara and Spring framework? by Kristina Hoeppner

Hello,
1 01 April 2022, 22:10

by Kristina Hoeppner

Closed Private group, site, or institution portfolios can be accessed by the URL without logging in by going to the URL in Mahara before 21.10.1 and 21.04.3 by dory2380

Vulnerability type: Incorrect access control
1 09 February 2022, 17:26

by dory2380

Closed Command injection when PDF bulk is enabled in Mahara before in Mahara before 21.10.1, 21.04.3, and 20.10.4 by dory2380

This is a follow-up for an already released sec...
1 09 February 2022, 17:24

by dory2380

Closed Able to see the name of another account holder’s folder in Mahara before 21.10.1, 21.04.3, and 20.10.4 by dory2380

Vulnerability type: Incorrect access control
1 09 February 2022, 17:23

by dory2380

Closed Accessing page help causing path traversal in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

Vulnerability type: Path traversal
1 29 October 2021, 17:06

by Robert Lyon

Closed Tag syntax could cause code execution in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

 
1 29 October 2021, 17:03

by Robert Lyon

Closed PDF export cause code execution in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

Vulnerability type: Code execution
1 29 October 2021, 17:02

by Robert Lyon

Closed Security issue with PHPMailer in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

A security issues has been resolved for an exte...
1 29 October 2021, 16:59

by Robert Lyon

Closed Exported CSV files could contain bad character syntax in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0 by Robert Lyon

Vulnerability type: Other (CSV Injection)
1 29 October 2021, 16:54

by Robert Lyon

Closed Web services token vulnerablity in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, by Robert Lyon



1 29 October 2021, 16:52

by Robert Lyon

Closed Security issue relating to SimpleSAML PHP <20.04.4 <20.10.2 <21.04.1 by Lisa Seeto

Fix a security bug where in rare cases the data...
1 21 May 2021, 15:33

by Lisa Seeto

Closed Security issue relating to the SimpleSamlPhp <19.10.6, <20.04.3, <20.10.1 by Robert Lyon

A potential security issue has been resolved fo...
1 05 May 2021, 10:26

by Robert Lyon

Closed Security issue relating to the PHPMailer <19.10.6, <20.04.3, <20.10.1 by Robert Lyon

A security issues has been resolved for externa...
1 04 May 2021, 17:06

by Robert Lyon

Closed Security issue relating to jQuery in Mahara <19.04.7, <19.10.5, <20.04.2 by Kristina Hoeppner

Hello,
1 22 October 2020, 22:51

by Kristina Hoeppner

Closed Security issue relating to the file browser <19.04.6, <19.10.4, <20.04.1 by Robert Lyon

Avoid file or folder names containing JavaScrip...
1 04 August 2020, 16:13

by Robert Lyon

Closed Security issue relating to the third-party library SimpleSAMLPHP <19.04.6, <19.10.4, <20.04.1 by Robert Lyon

One security issue has been resolved for Simple...
1 04 August 2020, 16:10

by Robert Lyon

Closed Security issue relating to the Elasticsearch results and Isolated institutions <18.10.6, <19.04.5, <19.10.3 by Robert Lyon

Vulnerability type: Incorrect access control
1 30 April 2020, 12:26

by Robert Lyon

Closed Security issue relating to the third-party library SimpleSAMLPHP <18.10.5, <19.04.4, <19.10.2 by Kristina Hoeppner

Two security issues have been resolved for Simp...
1 04 March 2020, 18:51

by Kristina Hoeppner

Closed Security issue relating to information disclosure <18.10.5, <19.04.4, <19.10.2 by Kristina Hoeppner

Vulnerability type: Information disclosure; acc...
1 04 March 2020, 18:47

by Kristina Hoeppner

Closed Security issue relating to incorrect access control in Elasticsearch results <18.10.5, <19.04.4, <19.10.2 by Kristina Hoeppner

Vulnerability type: Incorrect access control
1 04 March 2020, 18:38

by Kristina Hoeppner

Closed Security issue relating to third party library security upgrade <18.10.4 <19.04.3 <19.10.1 by Cecilia Vela

The minor point releases 19.10.1, 19.04.3 and 1...
1 12 November 2019, 15:55

by Cecilia Vela

119 topics