Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Mahara before 15.04.14, 16.x before 16.04.8, 16.10.x before 16.10.5, and 17.x before 17.04.3. When one closes the browser without logging out of Mahara, the value in the usr_session table is not removed. If someone were to open a browser, visit the Mahara site, and adjust the 'mahara' cookie to the old value, they can get access to the user's account.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Catalyst Mahara 安全漏洞
Vulnerability Description
Catalyst Mahara是新西兰Catalyst IT公司的一套社交网络系统。该系统包含博客、履历表生成器、文件管理器等。 Catalyst Mahara中存在安全漏洞,该漏洞源于用户在未注销Mahara的情况下关闭浏览器时,程序不会移除usr_session表单中的值。攻击者可利用该漏洞获取用户账户的访问权限。以下版本受到影响:Catalyst Mahara 15.04.14之前的版本,16.04.8之前的16.x版本,16.10.5之前的16.10.x版本,17.04.3之前的17.x版本。
CVSS Information
N/A
Vulnerability Type
N/A