漏洞标题
N/A
漏洞描述信息
在18.10.0之前,在马哈拉发现了一个问题。该问题对用户请求进行处理不当,可能会停止用户维护自己账户的能力(更改用户名、更改主要电子邮件地址、删除账户)。正确的行为是要么提示他们输入密码,要么向他们的主要电子邮件地址发送警告。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
An issue was discovered in Mahara before 18.10.0. It mishandled user requests that could discontinue a user's ability to maintain their own account (changing username, changing primary email address, deleting account). The correct behavior was to either prompt them for their password and/or send a warning to their primary email address.
CVSS信息
N/A
漏洞类别
N/A