CVE-2017-1000153

Source
https://cve.org/CVERecord?id=CVE-2017-1000153
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000153.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-1000153
Published
2017-11-03T18:29:01.027Z
Modified
2026-04-10T03:56:01.808111Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
[none]
Details

Mahara 15.04 before 15.04.10, 15.10 before 15.10.6, and 16.04 before 16.04.4 are vulnerable to incorrect access control: after a password reset link is sent via email and the user then changes their default email, Mahara fails to invalidate the old link. Consequently, the link in the email can be used to gain access to the user's account.

References

Affected packages

Git / github.com/maharaproject/mahara

Affected ranges

Type
GIT
Repo
https://github.com/maharaproject/mahara
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.04-rc1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.04-rc2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.04.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.04.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.04.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.04.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.04.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.04.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.04.6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.04.7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.04.8"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.04.9"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "16.04-rc1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "16.04-rc2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "16.04.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "16.04.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "16.04.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "16.04.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.10.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.10.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.10.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.10.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.10.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.10.5"
        }
    ]
}

Affected versions

1.*
1.0.0ALPHA1_RELEASE
1.0.0ALPHA2_RELEASE
1.0.0BETA2_RELEASE
1.1.0ALPHA1_RELEASE
1.1.0ALPHA2_RELEASE
1.1.0ALPHA3_RELEASE
1.1.0BETA2_RELEASE
1.1.0BETA4_RELEASE
1.2.0ALPHA2_RELEASE
1.2.0ALPHA3_RELEASE
1.3.0BETA1_RELEASE
1.3.0BETA2_RELEASE
1.4.0ALPHA1_RELEASE
1.7RC1_RELEASE
1.8RC1_RELEASE
1.8RC2_RELEASE
15.*
15.04.0_RELEASE
15.04.1_RELEASE
15.04.2_RELEASE
15.04.3_RELEASE
15.04.4_RELEASE
15.04.5_RELEASE
15.04.6_RELEASE
15.04.7_RELEASE
15.04.8_RELEASE
15.04.9_RELEASE
15.04RC1_RELEASE
15.04RC2_RELEASE
15.10.0_RELEASE
15.10.1_RELEASE
15.10.2_RELEASE
15.10.3_RELEASE
15.10.4_RELEASE
15.10.5_RELEASE
15.10RC1_RELEASE
15.10RC2_RELEASE
16.*
16.04.0_RELEASE
16.04.1_RELEASE
16.04.2_RELEASE
16.04.3_RELEASE
16.04RC1_RELEASE
16.04RC2_RELEASE

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000153.json"