Vulnerability: Unauthorized Anonymous Comments on Mahara Artefact Detail Pages

Vulnerability: Unauthorized Anonymous Comments on Mahara Artefact Detail Pages

CVE-2017-1000145 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before 15.04.2 are vulnerable to anonymous comments being able to be placed on artefact detail pages even when the site administrator had disallowed anonymous comments.

Learn more about our Web Application Penetration Testing UK.