Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Mahara 21.04 before 21.04.3 and 21.10 before 21.10.1, portfolios created in groups that have not been shared with non-group members and portfolios created on the site and institution levels can be viewed without requiring a login if the URL to these portfolios is known.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Catalyst IT Mahara 访问控制错误漏洞
Vulnerability Description
Catalyst It Catalyst IT Mahara是新西兰Catalyst IT(Catalyst It)公司的一套社交网络系统。该系统包含博客、履历表生成器、文件管理器等。 Mahara 21.04存在安全漏洞,该漏洞源于在Mahara 21.04之前的21.04.3和21.10之前的21.10.1中,在群组中创建的未与非群组成员共享的组合,以及在网站和机构层面创建的组合,如果已知这些组合的URL,则无需登录即可查看。
CVSS Information
N/A
Vulnerability Type
N/A