In Mahara 21.04 prior to 21.04.6, 21.10 prior to 21.10.4, and 22.04.2, files can sometimes be downloaded through thumb.php with no permission check.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mahara mahara 22.04.2 |
||
mahara mahara |