Catalyst It · Mahara · CVE-2017-1000145
**Name of the Vulnerable Software and Affected Versions**
Mahara versions 1.9 through 1.9.6
Mahara versions 1.10 through 1.10.4
Mahara versions 15.04 through 15.04.1
**Description**
The issue allows anonymous comments to be placed on artefact detail pages, even when the site administrator has disallowed anonymous comments.
**Recommendations**
For Mahara versions 1.9 through 1.9.6, update to version 1.9.7 or later.
For Mahara versions 1.10 through 1.10.4, update to version 1.10.5 or later.
For Mahara versions 15.04 through 15.04.1, update to version 15.04.2 or later.