CVE-2017-1000150

2017-11-03T18:29:00
ID CVE-2017-1000150
Type cve
Reporter cve@mitre.org
Modified 2017-11-13T16:00:00

Description

Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 are vulnerable to prevent session IDs from being regenerated on login or logout. This makes users of the site more vulnerable to session fixation attacks.