This host is running Mahara and is prone to multiple remote vulnerabilities.

Successful exploitation will allow attackers to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, disclose or modify sensitive information, or perform certain administrative actions and bypass security restrictions. Impact Level: Application

Upgrade to Mahara version 1.3.6 or later. For updates refer to http://mahara.org/

- An error in artefact/plans/viewtasks.json.php, artefact/blog/posts.json.php, and blocktype/myfriends/myfriends.json.php when checking a user's permission can be exploited to access restricted views. - An error in view/newviewtoken.json.php, artefact/plans/tasks.json.php, and artefact/blog/view/index.json.php when checking a user's permission can be exploited to edit restricted views. - An error in admin/users/search.json.php due to the 'INSTITUTIONALADMIN' permission not being checked can be exploited to search and suspend other users. - The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to create an arbitrary user with administrative privileges if a logged-in administrative user visits a malicious web site. - Input passed via certain email fields as a result of forum posts and view feedback notifications is not properly sanitised in artefact/comment/lib.php and interaction/forum/lib.php before being used. - Improper handling of an https URL in the wwwroot configuration setting, allows user-assisted remote attackers to obtain credentials by sniffing the network at a time when an http URL is used for a login.

Mahara version prior to 1.3.6

• http://secunia.com/advisories/44433
• https://launchpad.net/mahara/+milestone/1.3.6

---

Updated on 2015-03-25