PT-2025-34768 · Mahara · Mahara
Published
2025-08-26
·
Updated
2025-08-26
·
CVE-2024-39335
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions:
Mahara versions 24.04 through 24.04.0
Mahara versions 23.04 through 23.04.5
Description:
Certain conditions on the 'Current submissions' page (
Administration -> Groups -> Submissions) can lead to information disclosure to an institution administrator.Recommendations:
Upgrade to Mahara version 24.04.1 or later.
Upgrade to Mahara version 23.04.6 or later.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mahara