Forums | Mahara Community
Accessing page help causing path traversal in Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0
29 October 2021, 17:06
Vulnerability type: Path traversal
Attack type: Local
Impact: Access escalation
Affected components: The help icon for 'page help'
Attack vectors: If a person alters the path to the page help file they can traverse to find other .html files outside the site's webroot and potentially find sensitive information.
Description: In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the page help file could let you see HTML files that you are not allowed to access.
Reported by: Dominic Couture
Bug report: https://bugs.launchpad.net/mahara/+bug/1944979
CVE reference: CVE-2021-43264
Edits to this post:
- Kristina Hoeppner - 04 November 2021, 15:36
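
The class of check that closes this kind of help-file traversal, as an added example that is not part of the original post and is not Mahara's code: each path component is allow-listed, and the resolved file must still sit under the help directory. The function name `resolve_help_file`, the directory layout and the sample files are assumptions constructed for the demonstration.

```php
<?php
// Hypothetical helper (not Mahara's implementation): map request parameters
// to a help file and refuse anything that resolves outside the help root.
function resolve_help_file(string $helpRoot, string $section, string $page): ?string {
    // Allow-list each component: no dots, slashes, backslashes or NUL bytes.
    foreach ([$section, $page] as $part) {
        if (!preg_match('/\A[a-z0-9_-]{1,64}\z/i', $part)) {
            return null;
        }
    }
    $root = realpath($helpRoot);
    if ($root === false) {
        return null;
    }
    // realpath() collapses ".." and follows symlinks, so the prefix check
    // below is made on the location that would actually be read.
    $real = realpath($root . DIRECTORY_SEPARATOR . $section . DIRECTORY_SEPARATOR . $page . '.html');
    if ($real === false || !is_file($real)) {
        return null;
    }
    $prefix = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($real, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $real;
}

// Constructed sample layout: one help page inside the help root and one
// unrelated .html file outside it.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'helpdemo_' . bin2hex(random_bytes(4));
mkdir($base . '/help/pages', 0700, true);
file_put_contents($base . '/help/pages/view.html', '<p>Page help</p>');
file_put_contents($base . '/private.html', '<p>not help content</p>');

$cases = [
    ['pages', 'view'],           // legitimate help page
    ['pages', '../../private'],  // altered path component
    ['..', 'private'],           // altered section component
    ['pages', 'missing'],        // no such help file
];
foreach ($cases as [$section, $page]) {
    $result = resolve_help_file($base . '/help', $section, $page);
    printf("%-6s %-14s => %s\n", $section, $page, $result === null ? 'rejected' : 'served');
}
```

Only the first case is served; the other three are rejected before any file is read.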