CVE-2017-1000151

HIGH

Mahara <15.04.9, <15.10.5, <16.04.3 - Info Disclosure

Title source: llm
STIX 2.1

Description

Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to passwords or other sensitive information being passed by unusual parameters to end up in an error log.

References (1)

Core 1
Core References
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://bugs.launchpad.net/mahara/+bug/1570221

Scores

CVSS v3 7.5
EPSS 0.0108
EPSS Percentile 61.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (19)
mahara/mahara 15.04 rc1 (2 CPE variants)
mahara/mahara 15.04.0
mahara/mahara 15.04.1
mahara/mahara 15.04.2
mahara/mahara 15.04.3
mahara/mahara 15.04.4
mahara/mahara 15.04.5
mahara/mahara 15.04.6
mahara/mahara 15.04.7
mahara/mahara 15.04.8
... and 9 more
Published Nov 03, 2017
Tracked Since Feb 18, 2026