CVE-2011-2773

Mahara < 1.4.1 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in Mahara before 1.4.1 allows remote attackers to hijack the authentication of administrators for requests that add a user to an institution.

References (5)

Core 5
Core References
Issue Tracking x_refsource_confirm
https://bugs.launchpad.net/mahara/+bug/800032
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2334
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/46719

Scores

EPSS 0.0095
EPSS Percentile 57.2%

Details

CWE
CWE-352
Status published
Products (33)
mahara/mahara 0.9.0
mahara/mahara 0.9.1
mahara/mahara 0.9.2
mahara/mahara 1.0.0
mahara/mahara 1.0.1
mahara/mahara 1.0.2
mahara/mahara 1.0.3
mahara/mahara 1.0.4
mahara/mahara 1.0.5
mahara/mahara 1.0.6
... and 23 more
Published Nov 15, 2011
Tracked Since Feb 18, 2026