CVE Vulnerabilities

CVE-2013-4431

Published: May 19, 2014 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.5 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3 does not properly prevent access to blocks, which allows remote authenticated users to modify arbitrary blocks via the bock id in an edit request.

Affected Software

Name Vendor Start Version End Version
Mahara Mahara * 1.5.11 (including)
Mahara Mahara 1.5-rc1 (including) 1.5-rc1 (including)
Mahara Mahara 1.5-rc2 (including) 1.5-rc2 (including)
Mahara Mahara 1.5.0 (including) 1.5.0 (including)
Mahara Mahara 1.5.1 (including) 1.5.1 (including)
Mahara Mahara 1.5.2 (including) 1.5.2 (including)
Mahara Mahara 1.5.3 (including) 1.5.3 (including)
Mahara Mahara 1.5.4 (including) 1.5.4 (including)
Mahara Mahara 1.5.6 (including) 1.5.6 (including)
Mahara Mahara 1.5.7 (including) 1.5.7 (including)
Mahara Mahara 1.5.8 (including) 1.5.8 (including)
Mahara Mahara 1.5.9 (including) 1.5.9 (including)
Mahara Mahara 1.5.10 (including) 1.5.10 (including)
Mahara Ubuntu lucid *
Mahara Ubuntu precise *
Mahara Ubuntu quantal *
Mahara Ubuntu raring *
Mahara Ubuntu saucy *
Mahara Ubuntu upstream *

References