[Bug 676336] Re: Blogs get deleted without sesskey check
François Marier
francois at debian.org
Fri Mar 25 01:40:05 UTC 2011
This security vulnerability is now public.
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is a direct subscriber.
https://bugs.launchpad.net/bugs/676336
Title:
Blogs get deleted without sesskey check
Status in Mahara ePortfolio:
Fix Released
Status in Mahara 1.3 series:
Fix Released
Status in “mahara” package in Ubuntu:
In Progress
Bug description:
Permissions are checked but the sesskey is neither passed nor checked
e.g. artefact/blog/index.php?delete=123
More information about the Ubuntu-sponsors
mailing list