Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before 16.04.4 are vulnerable to incorrect access control after the password reset link is sent via email and then user changes default email, Mahara fails to invalidate old link.Consequently the link in email can be used to gain access to the user's account.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Catalyst Mahara 安全漏洞
Vulnerability Description
Catalyst Mahara是新西兰Catalyst IT公司的一套社交网络系统。该系统包含博客、履历表生成器、文件管理器等。 Catalyst Mahara 15.04.10之前的15.04版本、15.10.6之前的15.10版本和16.04.4之前的16.04版本中存在安全漏洞,该漏洞源于不正确的访问控制。攻击者可利用该漏洞获取用户账户的访问权限。
CVSS Information
N/A
Vulnerability Type
N/A