Forums | Mahara Community

Security Announcements /
Accessing page help causing path traversal in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0


This topic is closed. Only moderators and the group administrators can post new replies.
Robert Lyon's profile picture
Posts: 764

29 October 2021, 17:06

Vulnerability type: Path traversal
Attack type: Local
Impact: Access escalation

Affected components: The help icon for 'page help'
Attack vectors: If a person alters the path to the page help file they can traverse to find other .html files outside the site's webroot and potentially find sensitive information.

Description: In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, addjusting the path component for the page help file could cause seeing html files that you are not allowed to access.

Reported by: Dominic Couture
Bug report: https://bugs.launchpad.net/mahara/+bug/1944979
CVE reference: CVE-2021-43264

Edits to this post:

1 result