Multiple cross-site request forgery (CSRF) vulnerabilities in Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.

References

• https://nvd.nist.gov/vuln/detail/CVE-2010-1668
• https://exchange.xforce.ibmcloud.com/vulnerabilities/59994
• http://secunia.com/advisories/40431
• http://wiki.mahara.org/Release_Notes/1.0.15
• http://wiki.mahara.org/Release_Notes/1.1.9
• http://wiki.mahara.org/Release_Notes/1.2.5
• http://www.securityfocus.com/bid/41319