1
Candidate: CVE-2013-4432
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4432
5
https://bazaar.launchpad.net/~mahara-release/mahara/1.7_STABLE/revision/5831
6
http://www.openwall.com/lists/oss-security/2013/10/16/7
8
Mahara before 1.5.13, 1.6.x before 1.6.8, and 1.7.x before 1.7.4 does not
9
properly restrict access to folders, which allows remote authenticated
10
users to read arbitrary folders (1) by leveraging an active folder tab
11
loaded before permissions were removed or (2) via the folder parameter to
12
artefact/file/groupfiles.php.
21
upstream: https://bazaar.launchpad.net/~mahara-release/mahara/1.7_STABLE/revision/5831
22
upstream_mahara: released (1.7.3)
23
lucid_mahara: ignored (reached end-of-life)
24
precise_mahara: ignored (reached end-of-life)
25
precise/esm_mahara: DNE (precise was needed)
26
quantal_mahara: ignored (reached end-of-life)
27
raring_mahara: ignored (reached end-of-life)
28
saucy_mahara: ignored (reached end-of-life)
32
vivid/stable-phone-overlay_mahara: DNE
33
vivid/ubuntu-core_mahara: DNE