Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-1000142

Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to users being able to delete their submitted page through URL manipulation.

Related bugs and status

CVE-2017-1000142 (Candidate) is related to these bugs:

Bug #1425306: Users can delete submitted page through URL

		In	Importance	Status
1425306	Users can delete submitted page through URL	Mahara	Medium	Fix Released
1425306	Users can delete submitted page through URL	Mahara 1.10	Medium	Fix Released
1425306	Users can delete submitted page through URL	Mahara 1.8	Medium	Fix Released
1425306	Users can delete submitted page through URL	Mahara 1.9	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugs.launchpad...