CVE-2017-1000150
- Source
- https://cve.org/CVERecord?id=CVE-2017-1000150
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000150.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-1000150
- Published
- 2017-11-03T18:29:00.903Z
- Modified
- 2026-02-13T08:06:59.496442Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 are vulnerable to prevent session IDs from being regenerated on login or logout. This makes users of the site more vulnerable to session fixation attacks.
- References
Affected packages
Git / github.com/maharaproject/mahara
Affected ranges
- Type
- GIT
- Repo
- https://github.com/maharaproject/mahara
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
1.*
1.0.0ALPHA1_RELEASE
1.0.0ALPHA2_RELEASE
1.0.0BETA1_RELEASE
1.0.0BETA2_RELEASE
1.1.0ALPHA1_RELEASE
1.1.0ALPHA2_RELEASE
1.1.0ALPHA3_RELEASE
1.1.0BETA1_RELEASE
1.1.0BETA2_RELEASE
1.1.0BETA3_RELEASE
1.1.0BETA4_RELEASE
1.2.0ALPHA1_RELEASE
1.2.0ALPHA2_RELEASE
1.2.0ALPHA3_RELEASE
1.2.0BETA1_RELEASE
1.2.0BETA2_RELEASE
1.2.0BETA3_RELEASE
1.2.0BETA4_RELEASE
1.2.0RC1_RELEASE
1.3.0BETA1_RELEASE
1.3.0BETA2_RELEASE
1.3.0BETA3_RELEASE
1.3.0BETA4_RELEASE
1.4.0ALPHA1_RELEASE
1.7RC1_RELEASE
1.8RC1_RELEASE
1.8RC2_RELEASE
15.*
15.04RC1_RELEASE