3 matches found
CVE-2022-28892
Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery CSRF because randomly generated tokens are too easily guessable...
CVE-2022-28892
Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery CSRF because randomly generated tokens are too easily guessable...
CVE-2022-28892
Mahara is affected by a CSRF vulnerability in versions prior to 20.10.5, 21.04.4, 21.10.2, and 22.04.0. The root cause is that randomly generated CSRF tokens are too easily guessable, enabling cross-site request forgery under the stated versions. Affected product is Mahara (eportfolio software). ...