CVE-2023-47799

7.5 HIGH

📋 TL;DR

Mahara's experimental HTML bulk export feature fails to clear cached images between user exports, allowing users who receive exported files to potentially access other users' images. This affects Mahara installations using the experimental bulk export feature via admin interface or CLI.

💻 Affected Systems

Products:
  • Mahara
Versions: All versions before 22.10.4 and 23.x before 23.04.4
Operating Systems: All
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when experimental HTML bulk export feature is enabled and used.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Sensitive user images (potentially containing personal information) are disclosed to unauthorized users through exported files.

🟠 Likely Case: Accidental exposure of non-sensitive user images to other users who receive bulk export files.

🟢 If Mitigated: No impact if the experimental bulk export feature is disabled or unused.

🌐 Internet-Facing: MEDIUM - Requires authenticated access to admin interface or CLI, but exported files could be distributed externally.
🏢 Internal Only: MEDIUM - Internal users with export access could inadvertently disclose other users' images.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin access to use bulk export feature or CLI access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 22.10.4 or 23.04.4

Vendor Advisory: https://mahara.org/interaction/forum/topic.php?id=9353

Restart Required: No

Instructions:

1. Back up your Mahara installation and database.
2. Upgrade to Mahara 22.10.4 (for the 22.x branch) or 23.04.4 (for the 23.x branch).
3. Verify the upgrade completed successfully.

🔧 Temporary Workarounds

Disable experimental bulk export

Platform: all

Disable the experimental HTML bulk export feature in the Mahara configuration.

Edit Mahara config.php and set $cfg->enablebulkexport = false;

🧯 If You Can't Patch

  • Disable experimental HTML bulk export feature immediately
  • Restrict admin and CLI access to trusted personnel only

🔍 How to Verify

Check if Vulnerable:

Check Mahara version and verify if experimental bulk export is enabled in configuration

Check Version:

Check Mahara admin interface or config.php for version information

Verify Fix Applied:

Confirm version is 22.10.4 or higher (22.x branch) or 23.04.4 or higher (23.x branch)
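The verification steps above (version on the correct branch, and whether the experimental bulk export setting is enabled in config.php) can be scripted. The following is an added example written for this page; it is not code from Mahara or from the advisory. It assumes the installed version string is supplied by the operator as `MAJOR.MINOR.PATCH` (the page does not specify where to read it programmatically), that the configuration key is `$cfg->enablebulkexport` exactly as given in the workaround above, and that a config.php with no such line means the feature is disabled (consistent with the page's "default config not vulnerable"). Branches newer than 23.x are not named by the advisory and are treated as patched, which is an assumption. The sample config.php content is constructed.

```python
import re

# Fixed versions per the advisory: 22.10.4 on the 22.x branch, 23.04.4 on the 23.x branch.
FIXED_VERSIONS = {22: (22, 10, 4), 23: (23, 4, 4)}


def parse_version(version):
    """Parse a dotted version string such as '23.04.3' into an (major, minor, patch) tuple.

    Leading zeros ('04') are accepted and compared numerically.
    """
    m = re.match(r"^\s*(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError("unrecognised version string: %r" % version)
    return tuple(int(x) for x in m.groups())


def version_is_patched(version):
    """True if the version is at or above the fixed release for its branch."""
    major, minor, patch = parse_version(version)
    fixed = FIXED_VERSIONS.get(major)
    if fixed is None:
        # Anything older than 22.x falls under "all versions before 22.10.4": not patched.
        # Branches newer than 23.x are not listed by the advisory; treated as patched (assumption).
        return major > 23
    return (major, minor, patch) >= fixed


# Matches an uncommented assignment line; '//' or '#' comment prefixes fail the '^\s*\$' anchor.
# Block comments (/* ... */) are not handled; review those by hand.
_ENABLE_RE = re.compile(r"^\s*\$cfg->enablebulkexport\s*=\s*(\w+)\s*;", re.MULTILINE)


def bulk_export_enabled(config_php):
    """True if config.php enables the experimental bulk export feature.

    Assumption: the key is $cfg->enablebulkexport (as in the advisory's workaround) and a
    missing key means disabled. PHP boolean literals are case-insensitive, so 'True' counts.
    The last assignment wins, as it would when PHP executes the file.
    """
    enabled = False
    for m in _ENABLE_RE.finditer(config_php):
        enabled = m.group(1).lower() in ("true", "1")
    return enabled


def is_exposed(version, config_php):
    """Exposure requires both an unpatched version and the feature being enabled."""
    return (not version_is_patched(version)) and bulk_export_enabled(config_php)


# Constructed sample config.php content for demonstration (not a real deployment file).
SAMPLE_CONFIG = """<?php
$cfg = new stdClass();
$cfg->dbtype = 'postgres';
// $cfg->enablebulkexport = false;
$cfg->enablebulkexport = true;
"""

if __name__ == "__main__":
    for v in ("22.10.3", "22.10.4", "23.04.3", "23.04.4"):
        print(v, "exposed" if is_exposed(v, SAMPLE_CONFIG) else "not exposed")
```

Run it against the real version string and the real config.php; a result of "exposed" means the upgrade or the workaround above is still needed on that host.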

📡 Detection & Monitoring

Log Indicators:

  • Bulk export operations in Mahara logs
  • Multiple user exports in short timeframes

Network Indicators:

  • Large file downloads from Mahara export endpoints

SIEM Query:

Search for 'bulk export' or 'export' events in Mahara application logs
