CVE-2017-1000136
CVSS 6.5 - MEDIUM
Description
Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are vulnerable to old sessions not being invalidated after a password change.
Affected Products
17| Vendor | Product | Version |
|---|---|---|
| mahara | mahara |
1.8
|
| mahara | mahara |
1.8
|
| mahara | mahara |
1.8.0
|
| mahara | mahara |
1.8.1
|
| mahara | mahara |
1.8.2
|
| mahara | mahara |
1.8.3
|
| mahara | mahara |
1.8.4
|
| mahara | mahara |
1.8.5
|
| mahara | mahara |
1.9
|
| mahara | mahara |
1.9.0
|
| mahara | mahara |
1.9.1
|
| mahara | mahara |
1.9.2
|
| mahara | mahara |
1.9.3
|
| mahara | mahara |
1.10
|
| mahara | mahara |
1.10.0
|
| mahara | mahara |
15.04
|
| mahara | mahara |
15.04
|
References
Weakness Types
CWE-613
CVE Information
- CVE ID:
CVE-2017-1000136- Published:
- 2017-11-03
- Modified:
- 2026-05-13
- CVSS Score:
- 6.5
- Severity:
- MEDIUM
- Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected Vendors
mahara
Quick Actions
CVSS Severity Scale
0.0 - 3.9
LOW
4.0 - 6.9
MEDIUM
7.0 - 8.9
HIGH
9.0 - 10.0
CRITICAL