Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before 15.04.2 are vulnerable to anonymous comments being able to be placed on artefact detail pages even when the site administrator had disallowed anonymous comments.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mahara | Mahara | 1.9-rc1 (including) | 1.9-rc1 (including) |
| Mahara | Mahara | 1.9.0 (including) | 1.9.0 (including) |
| Mahara | Mahara | 1.9.1 (including) | 1.9.1 (including) |
| Mahara | Mahara | 1.9.2 (including) | 1.9.2 (including) |
| Mahara | Mahara | 1.9.3 (including) | 1.9.3 (including) |
| Mahara | Mahara | 1.9.4 (including) | 1.9.4 (including) |
| Mahara | Mahara | 1.9.5 (including) | 1.9.5 (including) |
| Mahara | Mahara | 1.9.6 (including) | 1.9.6 (including) |