Forums | Mahara Community

Forums /
Security Announcements


Subscribe to this forum to be notified about security fixes.

Topic Posts Last post

Closed Multiple Cross-site Scripting Vulnerabilities by Hugh Davenport

Multiple Cross-site Scripting Vulnerabilities
1 09 October 2012, 11:16 PM

by Hugh Davenport

Closed Remote Code Execution Vulnerability by Hugh Davenport

Remote Code Execution Vulnerability
1 09 October 2012, 11:13 PM

by Hugh Davenport

Closed Conclusion of the Security Bug Bounty by Kristina Hoeppner

Hello,
1 04 October 2012, 9:13 PM

by Kristina Hoeppner

Closed XML External Entities Vulnerability in versions 1.4.3 and 1.5.2 by Melissa Draper

XML External Entities Vulnerability in versions...
1 13 September 2012, 8:53 PM

by Melissa Draper

Closed Multiple Cross-site Scripting Vulnerabilities in versions 1.4.2 and 1.5.1 by Melissa Draper

Multiple Cross-site Scripting Vulnerabilities i...
1 31 July 2012, 1:45 AM

by Melissa Draper

Closed Insecure defaults in SAML plugin by François Marier

This security issue only affects sites which ma...
1 15 February 2012, 8:52 PM

by François Marier

Closed Privilege Escalation (MNet) in Mahara 1.4.0 and 1.3.6 by François Marier




Category:
Privilege Escalation


Seve...
1 03 November 2011, 5:56 PM

by François Marier

Closed Cross-site Request Forgery in Mahara 1.4.0 and 1.3.6 by François Marier




Category:
Cross-site Request Forgery

...
1 03 November 2011, 5:52 PM

by François Marier

Closed Cross-site Scripting in Mahara 1.4.0 and 1.3.6 by François Marier




Category:
Cross-site Scripting


Seve...
1 03 November 2011, 5:48 PM

by François Marier

Closed Information Disclosure in Mahara 1.4.0 and 1.3.6 by François Marier




Category:
Information Disclosure


Se...
1 03 November 2011, 5:46 PM

by François Marier

Closed Denial of Service in Mahara 1.4.0 and 1.3.6 by François Marier




Category:
Denial of Service


Severit...
1 03 November 2011, 5:42 PM

by François Marier

Closed HTTPS downgrade in Mahara 1.2.8 and 1.3.5 by François Marier




Category:
HTTPS to HTTP downgrade


S...
1 09 May 2011, 9:06 PM

by François Marier

Closed Cross-site scripting bugs in Mahara 1.2.8 and 1.3.5 by François Marier




Category:
Cross-site scripting


Seve...
1 09 May 2011, 9:03 PM

by François Marier

Closed Information disclosure bugs in Mahara 1.2.8 and 1.3.5 by François Marier




Category:
Information disclosure


Se...
1 09 May 2011, 9:00 PM

by François Marier

Closed Cross-site request forgeries in Mahara 1.2.8 and 1.3.5 by François Marier




Category:
Cross-site request forgery

...
1 09 May 2011, 8:49 PM

by François Marier

Closed Privilege escalations in Mahara 1.2.8 and 1.3.5 by François Marier




Category:
Privilege escalation


Seve...
1 09 May 2011, 8:45 PM

by François Marier

Closed Security fixes in HTML Purifier 4.3.0 by François Marier




Category:
Insecure bundled library


...
1 28 March 2011, 9:08 PM

by François Marier

Closed CSRF in Mahara 1.2.6 and 1.3.3 by François Marier




Category:
Cross-site request forgery

...
1 24 March 2011, 8:15 PM

by François Marier

Closed XSS in Mahara 1.2.6 and 1.3.3 by François Marier




Category:
Cross-site scripting


Seve...
1 24 March 2011, 8:13 PM

by François Marier

Closed XSS in Mahara 1.3.2 by François Marier




Category:
Cross-site scripting


Seve...
1 07 November 2010, 6:58 PM

by François Marier

Closed XSS in HTML Purifier 4.0 and earlier by François Marier




Category:
Cross-site scripting


Seve...
1 02 July 2010, 12:10 AM

by François Marier

Closed Unsafe authentication plugin options in Mahara 1.0.14, 1.1.8 and 1.2.4 by François Marier




Category:
Unsafe auth plugin options

...
1 02 July 2010, 12:08 AM

by François Marier

Closed SQL injection in 1.1.8 and 1.2.4 by François Marier




Category:
SQL injection


Severity:
...
1 02 July 2010, 12:05 AM

by François Marier

Closed Multiple CSRF in Mahara 1.0.14, 1.1.8 and 1.2.4 by François Marier




Category:
Cross-site request forgery

...
1 02 July 2010, 12:03 AM

by François Marier

Closed Multiple XSS in Mahara 1.0.14, 1.1.8 and 1.2.4 by François Marier




Category:
Cross-site scripting


Seve...
1 02 July 2010, 12:00 AM

by François Marier

Help