CVE-2011-2774

CVE-2011-2774

EPSS 1.1%

The "Reply to message" feature in Mahara 1.3.x and 1.4.x before 1.4.1 allows remote authenticated users to read the messages of a different user via a modified replyto parameter.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://secunia.com/advisories/46719 https://launchpad.net/bugs/798128 https://launchpad.net/mahara/+milestone/1.4.1