CVE-2020-9387
CVE-2020-9387
In Mahara 19.04 before 19.04.5 and 19.10 before 19.10.3, account details are shared in the Elasticsearch results for accounts that are not accessible when the config setting 'Isolated institutions' is turned on.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →