Security Advisory

CVE-2017-1000139

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-11-03 18:00:00

Last updated 2024-08-05 21:53:07

Assigner mitre

State PUBLISHED

Description

Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to server-side request forgery attacks as not all processes of curl redirects are checked against a white or black list. Employing SafeCurl will prevent issues.

← Browse all CVEs View on cve.org ↗