CVE-2017-1000135

CVSS 6.5 - MEDIUM

Description

Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable as logged-in users can stay logged in after the institution they belong to is suspended.

Affected Products

Vendor	Product	Version
mahara	mahara	`1.8`
mahara	mahara	`1.8`
mahara	mahara	`1.8.0`
mahara	mahara	`1.8.1`
mahara	mahara	`1.8.2`
mahara	mahara	`1.8.3`
mahara	mahara	`1.8.4`
mahara	mahara	`1.8.5`
mahara	mahara	`1.8.6`
mahara	mahara	`1.9`
mahara	mahara	`1.9.0`
mahara	mahara	`1.9.1`
mahara	mahara	`1.9.2`
mahara	mahara	`1.9.3`
mahara	mahara	`1.9.4`
mahara	mahara	`1.10`
mahara	mahara	`1.10.0`
mahara	mahara	`1.10.1`
mahara	mahara	`1.10.2`
mahara	mahara	`15.04`
mahara	mahara	`15.04`

References

https://bugs.launchpad.net/mahara/+bug/1348024

Weakness Types

CWE-613

CVE Information

CVE ID:: CVE-2017-1000135
Published:: 2017-11-03
Modified:: 2026-05-13
CVSS Score:: 6.5
Severity:: MEDIUM
Vector:: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Vendors

mahara

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL