Authentication Bypass Vulnerability in Mahara

Authentication Bypass Vulnerability in Mahara

CVE-2017-1000154 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to some authentication methods, which do not use Mahara's built-in login form, still allowing users to log in even if their institution was expired or suspended.

Learn more about our User Device Pen Test.