Candidate: CVE-2011-2774
PublicDate: 2011-11-15 03:57:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2774
Description:
 The "Reply to message" feature in Mahara 1.3.x and 1.4.x before 1.4.1
 allows remote authenticated users to read the messages of a different user
 via a modified replyto parameter.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/mahara/+bug/888358
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_mahara:
 debdiff: https://bugs.launchpad.net/ubuntu/+source/mahara/+bug/888358
upstream_mahara: released (1.4.1-1)
hardy_mahara: DNE
lucid_mahara: not-affected (1.4 only)
maverick_mahara: not-affected (1.4 only)
natty_mahara: not-affected (1.4 only)
oneiric_mahara: released (1.4.0-1ubuntu0.1)
devel_mahara: released (1.4.1-1)