CVE-2024-47853

High CVSS: 8.8

An issue was discovered in Mahara 23.04.8 and 24.04.4. Attackers may utilize escalation of privileges in certain cases when logging into Mahara with Learning Tools Interoperability (LTI).

Vendor

Mahara

Product

Mahara

CWE

NVD-CWE-noinfo

Yayın Tarihi

2025-08-26 14:15:35

Güncelleme

2025-09-22 16:15:38

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

NVD-CWE-noinfo Mahara HIGH Mahara 2025

Referanslar

https://mahara.org/interaction/forum/topic.php?id=9594 https://www.mahara.org

Benzer Kayıtlar

Medium

CVE-2024-35203

Mahara before 22.10.6, 23.04.6, and 24.04.1 allows cross-site scripting (XSS) via a file, with JavaScript code as part o…

Medium

CVE-2024-47192

An issue was discovered in Mahara 23.04.8 and 24.04.4. The use of a malicious export download URL can allow an attacker…

Critical

CVE-2024-39335

Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed…

High

CVE-2025-29992

Mahara before 24.04.9 exposes database connection information if the database becomes unreachable, e.g., due to the data…

Medium

CVE-2024-45753

In Mahara 23.04.8 and 24.04.4, the external RSS feed block can cause XSS if the external feed XML has a malicious value…

Medium

CVE-2024-39923

An issue was discovered in Mahara 24.04 before 24.04.2 and 23.04 before 23.04.7. The About, Contact, and Help footer lin…