CVE-2013-4431 in Mahara
Riassunto
di MITRE
Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3 does not properly prevent access to blocks, which allows remote authenticated users to modify arbitrary blocks via the bock id in an edit request.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.