Forums | Mahara Community
Command injection when PDF bulk is enabled in Mahara before in Mahara before 21.10.1, 21.04.3, and 20.10.4
09 February 2022, 17:24
This is a follow-up for an already released security fix.
Vulnerability type: Code execution
Attack type: Local
Impact: Ability to gain privileges
Affected components: Exporting of collections with PDF export enabled
Attack vectors: If a person names a collection in a certain way then on exporting it can cause the name to be executed as a command.
Description: In Mahara before 20.10.4, 21.04.3, and 21.10.1, exporting collections via PDF export could cause code execution.
Reported by: Dominic Couture
Bug report: https://bugs.launchpad.net/mahara/+bug/1949527
CVE reference: 2021-43266
Edits to this post:
- Kristina Hoeppner - 10 February 2022, 11:27
- Kristina Hoeppner - 10 February 2022, 11:29