CVE-2020-9387
CVE-2020-9387 affects Mahara 19.04 before 19.04.5 and 19.10 before 19.10.3. The issue exposes account details in Elasticsearch results for accounts that should be inaccessible when the Isolated institutions setting is enabled, resulting in information disclosure. The vulnerability’s concrete reme...