CVE 2009-3298
Mahara before 1.0.13, and 1.1.x before 1.1.7, allows remote authenticated institution administrators to reset a site administrator password via unspecified vectors.
Related bugs and status
CVE-2009-3298 (Candidate) is related to these bugs:
Bug #463082: privilege escalation for institution admins CVE-2009-3298
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
463082 | privilege escalation for institution admins CVE-2009-3298 | mahara (Ubuntu) | Undecided | Fix Released | ||
463082 | privilege escalation for institution admins CVE-2009-3298 | mahara (Ubuntu Jaunty) | Undecided | Fix Released | ||
463082 | privilege escalation for institution admins CVE-2009-3298 | mahara (Ubuntu Karmic) | Undecided | Fix Released | ||
463082 | privilege escalation for institution admins CVE-2009-3298 | mahara (Ubuntu Lucid) | Undecided | Fix Released |
Bug #463083: cross-site scripting vulnerability in resume blocktype CVE-2009-3299
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
463083 | cross-site scripting vulnerability in resume blocktype CVE-2009-3299 | mahara (Ubuntu) | Undecided | Fix Released | ||
463083 | cross-site scripting vulnerability in resume blocktype CVE-2009-3299 | mahara (Ubuntu Jaunty) | Undecided | Fix Released | ||
463083 | cross-site scripting vulnerability in resume blocktype CVE-2009-3299 | mahara (Ubuntu Karmic) | Undecided | Fix Released | ||
463083 | cross-site scripting vulnerability in resume blocktype CVE-2009-3299 | mahara (Ubuntu Lucid) | Undecided | Fix Released |
Bug #486687: Please sync mahara 1.1.7-1 (universe) from Debian unstable (main).
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
486687 | Please sync mahara 1.1.7-1 (universe) from Debian unstable (main). | mahara (Ubuntu) | Wishlist | Fix Released |
See the
CVE page on Mitre.org
for more details.