2 matches found
CVE-2020-9386
In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before 19.10.2, file metadata information is disclosed to group members in the Elasticsearch result list despite them not having access to that artefact anymore...
Mahara Information Disclosure Vulnerability (CNVD-2020-16699)
Mahara is a full-featured web application for building your own ePortfolio. An information disclosure vulnerability exists in Mahara. The vulnerability can be exploited by a member of a group to gain unauthorized access to file metadata information in an Elasticsearch results list. No detailed...