CVE-2017-1000147
CVE-2017-1000147 affects Mahara 1.9 before 1.9.8, 1.10 before 1.10.6, and 15.04 before 15.04.3. It enables a CSRF on the uploader in Mahara’s filebrowser widget, allowing an attacker to trick a user into uploading malicious files to their Mahara account. The provided documents do not specify a pa...