CVE-2017-1000142
medium
CVSS v3
6.5
CVSS v2
5.5
VIR risk
6.5
Description
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to users being able to delete their submitted page through URL manipulation.
Predictions
Exploit likelihood
75%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — https://bugs.launchpad.net/mahara/+bug/1425306
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| mahara | mahara | 1.8 | |
| mahara | mahara | 1.8.0 | |
| mahara | mahara | 1.8.1 | |
| mahara | mahara | 1.8.2 | |
| mahara | mahara | 1.8.3 | |
| mahara | mahara | 1.8.4 | |
| mahara | mahara | 1.8.5 | |
| mahara | mahara | 1.8.6 | |
| mahara | mahara | 1.9 | |
| mahara | mahara | 1.9.0 | |
| mahara | mahara | 1.9.1 | |
| mahara | mahara | 1.9.2 | |
| mahara | mahara | 1.9.3 | |
| mahara | mahara | 1.9.4 | |
| mahara | mahara | 1.10 | |
| mahara | mahara | 1.10.0 | |
| mahara | mahara | 1.10.1 | |
| mahara | mahara | 1.10.2 | |
| mahara | mahara | 15.04 | |
References
Verify integrity in audit chain (admin only). AS-IS.