Mahara Community - Security Announcements

Mahara Community

Forums /
Security Announcements

Subscribe to this forum to be notified about security fixes.

Topic	Posts	Last post
Closed Insecure defaults in SAML plugin by François Marier This security issue only affects sites which ma...	1	15 February 2012, 20:52 by François Marier
Closed Privilege Escalation (MNet) in Mahara 1.4.0 and 1.3.6 by François Marier Category: Privilege Escalation Seve...	1	03 November 2011, 17:56 by François Marier
Closed Cross-site Request Forgery in Mahara 1.4.0 and 1.3.6 by François Marier Category: Cross-site Request Forgery ...	1	03 November 2011, 17:52 by François Marier
Closed Cross-site Scripting in Mahara 1.4.0 and 1.3.6 by François Marier Category: Cross-site Scripting Seve...	1	03 November 2011, 17:48 by François Marier
Closed Information Disclosure in Mahara 1.4.0 and 1.3.6 by François Marier Category: Information Disclosure Se...	1	03 November 2011, 17:46 by François Marier
Closed Denial of Service in Mahara 1.4.0 and 1.3.6 by François Marier Category: Denial of Service Severit...	1	03 November 2011, 17:42 by François Marier
Closed HTTPS downgrade in Mahara 1.2.8 and 1.3.5 by François Marier Category: HTTPS to HTTP downgrade S...	1	09 May 2011, 21:06 by François Marier
Closed Cross-site scripting bugs in Mahara 1.2.8 and 1.3.5 by François Marier Category: Cross-site scripting Seve...	1	09 May 2011, 21:03 by François Marier
Closed Information disclosure bugs in Mahara 1.2.8 and 1.3.5 by François Marier Category: Information disclosure Se...	1	09 May 2011, 21:00 by François Marier
Closed Cross-site request forgeries in Mahara 1.2.8 and 1.3.5 by François Marier Category: Cross-site request forgery ...	1	09 May 2011, 20:49 by François Marier
Closed Privilege escalations in Mahara 1.2.8 and 1.3.5 by François Marier Category: Privilege escalation Seve...	1	09 May 2011, 20:45 by François Marier
Closed Security fixes in HTML Purifier 4.3.0 by François Marier Category: Insecure bundled library ...	1	28 March 2011, 21:08 by François Marier
Closed CSRF in Mahara 1.2.6 and 1.3.3 by François Marier Category: Cross-site request forgery ...	1	24 March 2011, 20:15 by François Marier
Closed XSS in Mahara 1.2.6 and 1.3.3 by François Marier Category: Cross-site scripting Seve...	1	24 March 2011, 20:13 by François Marier
Closed XSS in Mahara 1.3.2 by François Marier Category: Cross-site scripting Seve...	1	07 November 2010, 18:58 by François Marier
Closed XSS in HTML Purifier 4.0 and earlier by François Marier Category: Cross-site scripting Seve...	1	02 July 2010, 0:10 by François Marier
Closed Unsafe authentication plugin options in Mahara 1.0.14, 1.1.8 and 1.2.4 by François Marier Category: Unsafe auth plugin options ...	1	02 July 2010, 0:08 by François Marier
Closed SQL injection in 1.1.8 and 1.2.4 by François Marier Category: SQL injection Severity: ...	1	02 July 2010, 0:05 by François Marier
Closed Multiple CSRF in Mahara 1.0.14, 1.1.8 and 1.2.4 by François Marier Category: Cross-site request forgery ...	1	02 July 2010, 0:03 by François Marier
Closed Multiple XSS in Mahara 1.0.14, 1.1.8 and 1.2.4 by François Marier Category: Cross-site scripting Seve...	1	02 July 2010, 0:00 by François Marier
Closed SQL injection in 1.0.13, 1.1.7 and 1.2.3 by François Marier Category: SQL injection	1	06 April 2010, 0:07 by François Marier
Closed Arbitrary code execution in 1.0.13 and 1.1.7 by François Marier Category: Arbitrary code execution	1	06 April 2010, 0:03 by François Marier
Closed XSS in Mahara 1.1.6 and 1.0.12 by François Marier Category:Cross-site scripting Severity:Medium V...	1	29 October 2009, 17:34 by François Marier
Closed Privilege escalation in Mahara 1.1.6 and 1.0.12 by François Marier Category:Privilege escalation Severity:Major Ve...	1	29 October 2009, 17:31 by François Marier
Closed Information disclosure in Mahara 1.1.4 by François Marier Category:Information disclosure Severity:Major ...	1	21 June 2009, 23:01 by François Marier

129 topics

Group administrators:

Robert Lyon

Kristina Hoeppner

Moderators:

Doris ⚡

Portfolios for your learning community

Create portfolios

Engage with others

Listen to portfolio stories

Forums | Mahara Community

Forums /
Security Announcements

Closed Insecure defaults in SAML plugin by François Marier

Closed Privilege Escalation (MNet) in Mahara 1.4.0 and 1.3.6 by François Marier

Closed Cross-site Request Forgery in Mahara 1.4.0 and 1.3.6 by François Marier

Closed Cross-site Scripting in Mahara 1.4.0 and 1.3.6 by François Marier

Closed Information Disclosure in Mahara 1.4.0 and 1.3.6 by François Marier

Closed Denial of Service in Mahara 1.4.0 and 1.3.6 by François Marier

Closed HTTPS downgrade in Mahara 1.2.8 and 1.3.5 by François Marier

Closed Cross-site scripting bugs in Mahara 1.2.8 and 1.3.5 by François Marier

Closed Information disclosure bugs in Mahara 1.2.8 and 1.3.5 by François Marier

Closed Cross-site request forgeries in Mahara 1.2.8 and 1.3.5 by François Marier

Closed Privilege escalations in Mahara 1.2.8 and 1.3.5 by François Marier

Closed Security fixes in HTML Purifier 4.3.0 by François Marier

Closed CSRF in Mahara 1.2.6 and 1.3.3 by François Marier

Closed XSS in Mahara 1.2.6 and 1.3.3 by François Marier

Closed XSS in Mahara 1.3.2 by François Marier

Closed XSS in HTML Purifier 4.0 and earlier by François Marier

Closed Unsafe authentication plugin options in Mahara 1.0.14, 1.1.8 and 1.2.4 by François Marier

Closed SQL injection in 1.1.8 and 1.2.4 by François Marier

Closed Multiple CSRF in Mahara 1.0.14, 1.1.8 and 1.2.4 by François Marier

Closed Multiple XSS in Mahara 1.0.14, 1.1.8 and 1.2.4 by François Marier

Closed SQL injection in 1.0.13, 1.1.7 and 1.2.3 by François Marier

Closed Arbitrary code execution in 1.0.13 and 1.1.7 by François Marier

Closed XSS in Mahara 1.1.6 and 1.0.12 by François Marier

Closed Privilege escalation in Mahara 1.1.6 and 1.0.12 by François Marier

Closed Information disclosure in Mahara 1.1.4 by François Marier

Subscribe to our monthly newsletter

Portfolios for your learning community

Create portfolios

Share work

Engage with others

Listen to portfolio stories

Forums | Mahara Community

Forums / Security Announcements

Closed Insecure defaults in SAML plugin by François Marier

Closed Privilege Escalation (MNet) in Mahara 1.4.0 and 1.3.6 by François Marier

Closed Cross-site Request Forgery in Mahara 1.4.0 and 1.3.6 by François Marier

Closed Cross-site Scripting in Mahara 1.4.0 and 1.3.6 by François Marier

Closed Information Disclosure in Mahara 1.4.0 and 1.3.6 by François Marier

Closed Denial of Service in Mahara 1.4.0 and 1.3.6 by François Marier

Closed HTTPS downgrade in Mahara 1.2.8 and 1.3.5 by François Marier

Closed Cross-site scripting bugs in Mahara 1.2.8 and 1.3.5 by François Marier

Closed Information disclosure bugs in Mahara 1.2.8 and 1.3.5 by François Marier

Closed Cross-site request forgeries in Mahara 1.2.8 and 1.3.5 by François Marier

Closed Privilege escalations in Mahara 1.2.8 and 1.3.5 by François Marier

Closed Security fixes in HTML Purifier 4.3.0 by François Marier

Closed CSRF in Mahara 1.2.6 and 1.3.3 by François Marier

Closed XSS in Mahara 1.2.6 and 1.3.3 by François Marier

Closed XSS in Mahara 1.3.2 by François Marier

Closed XSS in HTML Purifier 4.0 and earlier by François Marier

Closed Unsafe authentication plugin options in Mahara 1.0.14, 1.1.8 and 1.2.4 by François Marier

Closed SQL injection in 1.1.8 and 1.2.4 by François Marier

Closed Multiple CSRF in Mahara 1.0.14, 1.1.8 and 1.2.4 by François Marier

Closed Multiple XSS in Mahara 1.0.14, 1.1.8 and 1.2.4 by François Marier

Closed SQL injection in 1.0.13, 1.1.7 and 1.2.3 by François Marier

Closed Arbitrary code execution in 1.0.13 and 1.1.7 by François Marier

Closed XSS in Mahara 1.1.6 and 1.0.12 by François Marier

Closed Privilege escalation in Mahara 1.1.6 and 1.0.12 by François Marier

Closed Information disclosure in Mahara 1.1.4 by François Marier

Subscribe to our monthly newsletter

Forums /
Security Announcements