VYPR
Medium severity6.8OSV Advisory· Published Jun 1, 2018· Updated Jun 17, 2026

CVE-2018-11195

CVE-2018-11195

Description

Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to the browser "back and refresh" attack. This allows malicious users with physical access to the web browser of a Mahara user, after they have logged in, to potentially gain access to their Mahara credentials.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • 1.0.0ALPHA1_RELEASE, 1.0.0ALPHA2_RELEASE, 1.0.0BETA2_RELEASE, …+ 1 more
    • (no CPE)range: 1.0.0ALPHA1_RELEASE, 1.0.0ALPHA2_RELEASE, 1.0.0BETA2_RELEASE, …
    • (no CPE)range: 17.04 before 17.04.8, 17.10 before 17.10.5, 18.04 before 18.04.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.