CVE-2023-47799

Published: Aug 25, 2025

Modified: Aug 25, 2025

PUBLISHED

Description

Mahara before 22.10.4 and 23.x before 23.04.4 allows information disclosure if the experimental HTML bulk export is used via the administration interface or via the CLI, and the resulting export files are given to the account holders. They may contain images of other account holders because the cache is not cleared after the files of one account are exported.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://git.mahara.org/catalyst-security/mahara-security/-/issues/2

https://mahara.org/interaction/forum/topic.php?id=9353

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-47799

Description

Affected Products

References