CVE-2024-39335

Description

Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed to an institution administrator under certain conditions via the 'Current submissions' page: Administration -> Groups -> Submissions.

References

https://mahara.org/interaction/forum/view.php?id=43

https://mahara.org/interaction/forum/topic.php?id=9519

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS