Headline
CVE-2022-42707: Bug #1991157 “Certain embedded images can be accessed without lo...” : Bugs : Mahara
In Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0, embedded images are accessible without a sufficient permission check under certain conditions.
Certain embedded images can be accessed without login
This bug affects 1 person
Affects
Status
Importance
Assigned to
Milestone
Mahara
Fix Released
Critical
Gold
Mahara 22.10.0
21.04
Fix Released
Critical
Unassigned
Mahara 21.04.7
21.10
Fix Released
Critical
Unassigned
Mahara 21.10.5
22.04
Fix Released
Critical
Unassigned
Mahara 22.04.3
Bug Description
Details see internal Catalyst WR #392023.
Changed in mahara:
status:
Confirmed → In Progress
assignee:
nobody → Gold (gold.catalyst)
Changed in mahara:
status:
In Progress → Fix Committed
Changed in mahara:
status:
Fix Committed → Fix Released
information type:
Private Security → Public Security
Changed in mahara:
importance:
High → Critical
To post a comment you must log in.
- Report a bug
This report contains Public Security information
Everyone can see this security related information.
Other bug subscribers