2 matches found
Authentication flaw
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to some authentication methods, which do not use Mahara's built-in login form, still allowing users to log in even if their institution was expired or suspended...
CVE-2017-1000154
Mahara is vulnerable to an authentication bypass in 15.04 (pre-15.04.8), 15.10 (pre-15.10.4), and 16.04 (pre-16.04.2) where certain authentication methods bypass Mahara’s built-in login form, allowing login even if an institution is expired or suspended. Root cause: authentication paths outside t...