← Back to CVE List

CVE-2017-17455

Published: 2018-02-20T22:29Z
Last Modified: 2024-11-21T03:17Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Mahara 16.10 before 16.10.7, 17.04 before 17.04.5, and 17.10 before 17.10.2 are vulnerable to being forced, via a man-in-the-middle attack, to interact with Mahara on the HTTP protocol rather than HTTPS even when an SSL certificate is present. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt