Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-11565

Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to mentioning the usernames that are already taken by people registered in the system rather than masking that information.

Related bugs and status

CVE-2018-11565 (Candidate) is related to these bugs:

Bug #1772774: change error message when changing username

		In	Importance	Status
1772774	change error message when changing username	Mahara	High	Fix Released
1772774	change error message when changing username	Mahara 18.10	High	Fix Released
1772774	change error message when changing username	Mahara 18.04	High	Fix Released
1772774	change error message when changing username	Mahara 17.04	High	Fix Released
1772774	change error message when changing username	Mahara 17.10	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugs.launchpad...
CONFIRM: https://mahara.org/int...