CVE-2024-47853
HIGH WAF: Low
CVSS 8.8
Published: 2025-08-26
CWE-269
An issue was discovered in Mahara 23.04.8 and 24.04.4. Attackers may utilize escalation of privileges in certain cases when logging into Mahara with Learning Tools Interoperability (LTI).
WAF Coverage Analysis
Improper Privilege Management
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| mahara | mahara | up to 23.04.9 |
| mahara | mahara | 24.04.0 - 24.04.5 |
References
- mahara.org (Vendor Advisory)
- www.mahara.org (Product)