CVE-2017-1000150
03.11.2017, 18:29
Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 are vulnerable to prevent session IDs from being regenerated on login or logout. This makes users of the site more vulnerable to session fixation attacks.Enginsight
| Vendor | Product | Version |
|---|---|---|
| mahara | mahara | 15.04:rc1 |
| mahara | mahara | 15.04:rc2 |
| mahara | mahara | 15.04.0 |
| mahara | mahara | 15.04.1 |
| mahara | mahara | 15.04.2 |
| mahara | mahara | 15.04.3 |
| mahara | mahara | 15.04.4 |
| mahara | mahara | 15.04.5 |
| mahara | mahara | 15.04.6 |
| mahara | mahara | 15.10.0 |
| mahara | mahara | 15.10.1 |
| mahara | mahara | 15.10.2 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration