Mahara Information Disclosure Vulnerability Network Vulnerability

Summary

This host is running Mahara and is prone to Information Disclosure Vulnerability.

Impact

Successful exploitation will allow attacker to gain sensitive information in the affected web application. Impact Level: Application

Solution

Upgrade to Mahara version 1.1.5 or later https://eduforge.org/projects/mahara/

Insight

- The application fails to apply permission checks when saving a view that contains artefacts, which allows remote authenticated users to read another user's artefact.

Affected

Mahara version 1.1 before 1.1.5

References

http://mahara.org/interaction/forum/topic.php?id=753

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2171

CVSS	Base Score: 4.0 AV:N/AC:L/Au:S/C:P/I:N/A:N

Related Vulnerabilities

An Image Gallery Directory Traversal Vulnerability
Apache Struts2/XWork Remote Command Execution Vulnerability
Apache Solr Directory Traversal Vulnerability Jan-14
Apple Safari Multiple Vulnerabilities
Apache Tomcat source.jsp malformed request information disclosure

Take action and discover your vulnerabilities