CVE-2013-4429
CVE-2013-4429 affects Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3. The issue is that access to artefacts is not properly restricted, allowing remote authenticated users to read arbitrary artefacts via two vectors: (1) artefact id in an upload action when creating a journal, a...