Forums | Mahara Community
Arbitrary code execution in 1.0.13 and 1.1.7
06 April 2010, 0:03
|Category:||Arbitrary code execution
|Versions affected:||< 1.0.14, < 1.1.8|
|Reported by:||Mahara Team|
|Identifiers:||CVE-2008-4810, CVE-2008-4811 and CVE-2009-1669|
Multiple security issues have been found in the version of smarty bundled with Mahara 1.0 and 1.1. Note that Mahara 1.2 is not affected by this problem since it no longer uses smarty.
Upgrading to Mahara 1.0.14 or 1.1.8 is recommended for all sites not yet running 1.2.
A post by Account deleted was deleted