Published: 06/07/2010 Updated: 17/08/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple cross-site request forgery (CSRF) vulnerabilities in Mahara prior to 1.0.15, 1.1.x prior to 1.1.9, and 1.2.x prior to 1.2.5 allow remote malicious users to hijack the authentication of unspecified victims via unknown vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mahara mahara 1.0.8
mahara mahara 1.0.7
mahara mahara 0.9.2
mahara mahara 1.0.10
mahara mahara 1.0.9
mahara mahara 1.0.2
mahara mahara 1.0.1
mahara mahara 1.0.0
mahara mahara 0.9.1
mahara mahara 1.0.12
mahara mahara 1.0.11
mahara mahara 1.0.4
mahara mahara 1.0.3
mahara mahara
mahara mahara 1.0.13
mahara mahara 1.0.6
mahara mahara 1.0.5
mahara mahara 0.9.0
mahara mahara 1.1.2
mahara mahara 1.1.3
mahara mahara 1.1.0
mahara mahara 1.1.4
mahara mahara 1.1.5
mahara mahara 1.1.1
mahara mahara 1.1.8
mahara mahara 1.1.6
mahara mahara 1.1.7
mahara mahara 1.2.0
mahara mahara 1.2.1
mahara mahara 1.2.2
mahara mahara 1.2.3
mahara mahara 1.2.4

Several vulnerabilities were discovered in mahara, an electronic portfolio, weblog, and resume builder The following Common Vulnerabilities and Exposures project ids identify them: CVE-2010-1667 Multiple pages performed insufficient input sanitising, making them vulnerable to cross-site scripting attacks CVE-2010-1668 Multiple forms ...

CWE-352 http://www.securityfocus.com/bid/41319 http://secunia.com/advisories/40431 http://wiki.mahara.org/Release_Notes/1.0.15 http://wiki.mahara.org/Release_Notes/1.1.9 http://wiki.mahara.org/Release_Notes/1.2.5 https://exchange.xforce.ibmcloud.com/vulnerabilities/59994 https://nvd.nist.gov https://www.debian.org/security/./dsa-2067

CVE-2010-1668

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect