← Back to CVE List

CVE-2017-1000139

Published: 2017-11-03T18:29Z
Last Modified: 2024-11-21T03:04Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to server-side request forgery attacks as not all processes of curl redirects are checked against a white or black list. Employing SafeCurl will prevent issues. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt