← Back to team overview

mahara-packaging team mailing list archive

[Bug 676336] Re: Blogs get deleted without sesskey check

 

This security vulnerability is now public.

-- 
You received this bug notification because you are a member of Mahara
Packaging, which is subscribed to mahara in Ubuntu.
https://bugs.launchpad.net/bugs/676336

Title:
  Blogs get deleted without sesskey check

Status in Mahara ePortfolio:
  Fix Released
Status in Mahara 1.3 series:
  Fix Released
Status in “mahara” package in Ubuntu:
  In Progress

Bug description:
  Permissions are checked but the sesskey is neither passed nor checked
  e.g. artefact/blog/index.php?delete=123