Forums | Mahara Community

Security Announcements /
Command injection when PDF bulk is enabled in Mahara before in Mahara before 21.10.1, 21.04.3, and 20.10.4


This topic is closed. Only moderators and the group administrators can post new replies.
dory2380's profile picture
Posts: 52

09 February 2022, 17:24

This is a follow-up for an already released security fix.

 

Vulnerability type: Code execution
Attack type: Local
Impact: Ability to gain privileges

Affected components: Exporting of collections with PDF export enabled
Attack vectors: If a person names a collection in a certain way then on exporting it can cause the name to be executed as a command.

Description: In Mahara before 20.10.4, 21.04.3, and 21.10.1, exporting collections via PDF export could cause code execution.

Reported by: Dominic Couture
Bug report: https://bugs.launchpad.net/mahara/+bug/1949527
CVE reference: 2021-43266

 

Edits to this post:

1 result