VYPR
High severity8.8NVD Advisory· Published Nov 3, 2017· Updated Jun 17, 2026

CVE-2017-1000150

CVE-2017-1000150

Description

Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 are vulnerable to prevent session IDs from being regenerated on login or logout. This makes users of the site more vulnerable to session fixation attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

13
  • cpe:2.3:a:mahara:mahara:15.04.0:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:mahara:mahara:15.04.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mahara:mahara:15.04.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mahara:mahara:15.04.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mahara:mahara:15.04.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mahara:mahara:15.04.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mahara:mahara:15.04.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mahara:mahara:15.04.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mahara:mahara:15.04:rc1:*:*:*:*:*:*
    • cpe:2.3:a:mahara:mahara:15.04:rc2:*:*:*:*:*:*
    • cpe:2.3:a:mahara:mahara:15.10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mahara:mahara:15.10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mahara:mahara:15.10.2:*:*:*:*:*:*:*
    • (no CPE)range: <15.04.7, <15.10.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.