Описание
In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using Isolated Institutions is vulnerable if more than ten groups are used. They are all shown from page 2 of the group results list (rather than only being shown for the institution that the viewer is a member of).
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 20.10.5 (исключая)Версия от 21.04.0 (включая) до 21.04.4 (исключая)Версия от 21.10.0 (включая) до 21.10.2 (исключая)
Одно из
cpe:2.3:a:mahara:mahara:*:*:*:*:*:*:*:*
cpe:2.3:a:mahara:mahara:*:*:*:*:*:*:*:*
cpe:2.3:a:mahara:mahara:*:*:*:*:*:*:*:*
cpe:2.3:a:mahara:mahara:22.04.0:rc1:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.0024
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-276
Связанные уязвимости
CVSS3: 7.5
debian
почти 4 года назад
In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using ...
CVSS3: 7.5
github
почти 4 года назад
In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using Isolated Institutions is vulnerable if more than ten groups are used. They are all shown from page 2 of the group results list (rather than only being shown for the institution that the viewer is a member of).
EPSS
Процентиль: 47%
0.0024
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-276