{"id":"CVE-2020-9282","details":"In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before 19.10.2, certain personal information is discoverable inspecting network responses on the 'Edit access' screen when sharing portfolios.","modified":"2026-07-08T20:29:53.997384Z","published":"2020-03-09T14:15:11.523Z","references":[{"type":"ADVISORY","url":"https://mahara.org/interaction/forum/topic.php?id=8590"},{"type":"REPORT","url":"https://bugs.launchpad.net/mahara/+bug/1863043"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/maharaproject/mahara","events":[{"introduced":"d427203cfda1e9f65598be9c86f41094619d31c5"},{"fixed":"2e1293f1410b528ff51da0ef0f64b0178473b9ec"},{"introduced":"d98eee64dc05a1b1fa163b033f0443b5dd6fde92"},{"fixed":"82773b433344b9fe996b08245cd06e451ff490cb"},{"introduced":"6baa307ceb0dfb0292f13b5f23410af77017ee96"},{"fixed":"b2f386dece4b787108ac0ab4f936ac5e1bd48411"}],"database_specific":{"cpe":"cpe:2.3:a:mahara:mahara:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"18.10.0"},{"fixed":"18.10.5"},{"introduced":"19.04.0"},{"fixed":"19.04.4"},{"introduced":"19.10.0"},{"fixed":"19.10.2"}],"source":"CPE_RANGE"}}],"versions":["19.04.3_RELEASE","19.10.1_RELEASE","18.10.4_RELEASE","19.04.2_RELEASE","18.10.3_RELEASE","19.10.0_RELEASE","19.04.1_RELEASE","18.10.2_RELEASE","19.04.0_RELEASE","18.10.1_RELEASE","18.10.0_RELEASE"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-9282.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}