CVE-2011-2773

Priority
Medium
Description
Cross-site request forgery (CSRF) vulnerability in Mahara before 1.4.1
allows remote attackers to hijack the authentication of administrators for
requests that add a user to an institution.
References
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):released (1.2.4-1ubuntu0.4)
Ubuntu 11.04 (Natty Narwhal):released (1.2.7-1ubuntu0.2)
Ubuntu 11.10 (Oneiric Ocelot):released (1.4.0-1ubuntu0.1)
Ubuntu 12.04 LTS (Precise Pangolin):released (1.4.1-1)
Patches:
Vendor:http://www.debian.org/security/2011/dsa-2334
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:22:15 UTC (commit 5347)