Catalyst Mahara User Login Vulnerability

Catalyst Mahara is a social networking system from Catalyst IT in New Zealand. The system includes a blog, resume builder, file manager, and more. A security vulnerability exists in Catalyst Mahara versions 15.04 prior to 15.04.8, 15.10 prior to 15.10.4, and 16.04 prior to 16.04.2, which stems fr...

Code injection

Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to users staying logged in to their Mahara account even when they have been logged out of Moodle when using MNet as Mahara did not properly implement one of the MNet SSO API functions...