CVE-2017-1000150
CVE-2017-1000150 affects Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3. The root cause is that session IDs are not regenerated on login or logout, enabling session fixation. Impact is elevated risk of session hijacking for users of affected versions. Remediation: upgrade to Mahara 15.04.7 ...