Description
Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before 16.04.4 are vulnerable to incorrect access control after the password reset link is sent via email and then user changes default email, Mahara fails to invalidate old link.Consequently the link in email can be used to gain access to the user's account.
References (1)
Core 1
Core References
Exploit, Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://bugs.launchpad.net/mahara/+bug/1577251
Scores
CVSS v3
9.8
EPSS
0.0038
EPSS Percentile
59.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-732
Status
published
Products (22)
mahara/mahara
15.04 rc1 (2 CPE variants)
mahara/mahara
15.04.0
mahara/mahara
15.04.1
mahara/mahara
15.04.2
mahara/mahara
15.04.3
mahara/mahara
15.04.4
mahara/mahara
15.04.5
mahara/mahara
15.04.6
mahara/mahara
15.04.7
mahara/mahara
15.04.8
... and 12 more
Published
Nov 03, 2017
Tracked Since
Feb 18, 2026