Mahara prior to 1.5.12, 1.6.x prior to 1.6.7, and 1.7.x prior to 1.7.3 does not properly prevent access to blocks, which allows remote authenticated users to modify arbitrary blocks via the bock id in an edit request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mahara mahara 1.5.4 |
||
mahara mahara 1.5.3 |
||
mahara mahara 1.5.2 |
||
mahara mahara 1.5.1 |
||
mahara mahara 1.5.9 |
||
mahara mahara 1.5.8 |
||
mahara mahara 1.5.7 |
||
mahara mahara 1.5.6 |
||
mahara mahara 1.5.0 |
||
mahara mahara 1.5 |
||
mahara mahara 1.5.10 |
||
mahara mahara |
||
mahara mahara 1.7.2 |
||
mahara mahara 1.7.0 |
||
mahara mahara 1.7.1 |
||
mahara mahara 1.7. |
||
mahara mahara 1.6.0 |
||
mahara mahara 1.6.1 |
||
mahara mahara 1.6.6 |
||
mahara mahara 1.6.4 |
||
mahara mahara 1.6.2 |
||
mahara mahara 1.6.5 |
||
mahara mahara 1.6.3 |