CVE-2020-9387

Published: 2020-04-30T13:15Z

Last Modified: 2024-11-21T05:40Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

In Mahara 19.04 before 19.04.5 and 19.10 before 19.10.3, account details are shared in the Elasticsearch results for accounts that are not accessible when the config setting 'Isolated institutions' is turned on. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt