CVE-2018-11565
The vulnerability affects Mahara versions 17.04 before 17.04.8, 17.10 before 17.10.5, and 18.04 before 18.04.1, where the registration flow reveals that a username is already taken rather than masking that information. Root cause is an error/feedback path that discloses taken usernames, enabling ...