ГлавнаяУязвимости → CVE-2024-39335
9.1критическая

CVE-2024-39335

Описание

Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed to an institution administrator under certain conditions via the 'Current submissions' page: Administration -> Groups -> Submissions.

Затрагиваемое ПО
Mahara Mahara
CVSS
Балл9.1 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Источники
https://mahara.org/interaction/forum/topic.php?id=9519https://mahara.org/interaction/forum/view.php?id=43