In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before 19.10.2, file metadata information is disclosed to group members in the Elasticsearch result list despite them not having access to that artefact anymore.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-03-09T14:14:43

Updated: 2024-08-04T10:26:16.292Z

Reserved: 2020-02-25T00:00:00

Link: CVE-2020-9386

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-03-09T16:15:16.017

Modified: 2024-11-21T05:40:32.173

Link: CVE-2020-9386

cve-icon Redhat

No data.