CVE-2017-1000151
HIGHMahara <15.04.9, <15.10.5, <16.04.3 - Info Disclosure
Title source: llmDescription
Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to passwords or other sensitive information being passed by unusual parameters to end up in an error log.
References (1)
Core 1
Core References
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://bugs.launchpad.net/mahara/+bug/1570221
Scores
CVSS v3
7.5
EPSS
0.0108
EPSS Percentile
61.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (19)
mahara/mahara
15.04 rc1 (2 CPE variants)
mahara/mahara
15.04.0
mahara/mahara
15.04.1
mahara/mahara
15.04.2
mahara/mahara
15.04.3
mahara/mahara
15.04.4
mahara/mahara
15.04.5
mahara/mahara
15.04.6
mahara/mahara
15.04.7
mahara/mahara
15.04.8
... and 9 more
Published
Nov 03, 2017
Tracked Since
Feb 18, 2026