CVE-2017-1000154
Mahara is vulnerable to an authentication bypass in 15.04 (pre-15.04.8), 15.10 (pre-15.10.4), and 16.04 (pre-16.04.2) where certain authentication methods bypass Mahara’s built-in login form, allowing login even if an institution is expired or suspended. Root cause: authentication paths outside t...