CVE-2017-1000131
Mahara is affected by CVE-2017-1000131: versions 15.04 before 15.04.8, 15.10 before 15.10.4, and 16.04 before 16.04.2 allow a user to remain logged in after logout when using MNet SSO with Moodle. The root cause is Mahara not properly implementing one of the MNet SSO API functions. Public details...