← Volver a CVEs
CVE-2020-9282
MEDIUM6.5
Descripcion
In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before 19.10.2, certain personal information is discoverable inspecting network responses on the 'Edit access' screen when sharing portfolios.
Detalles CVE
Puntuacion CVSS v3.16.5
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado3/9/2020
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
mahara:mahara
Debilidades (CWE)
CWE-200
Referencias
https://bugs.launchpad.net/mahara/+bug/1863043(cve@mitre.org)
https://mahara.org/interaction/forum/topic.php?id=8590(cve@mitre.org)
https://bugs.launchpad.net/mahara/+bug/1863043(af854a3a-2127-422b-91ae-364da2661108)
https://mahara.org/interaction/forum/topic.php?id=8590(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.