3 matches found
CVE-2021-43264
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the page help file allows attackers to bypass the intended access control for HTML files via directory traversal. It replaces the - character with the / character...
Mahara < 20.04.5, 20.10.x < 20.10.3, 21.4.x < 21.04.2 Multiple Vulnerabilities
Mahara is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mahara:mahara"; if description...
CVE-2021-43264
CVE-2021-43264 affects Mahara releases prior to 20.04.5, 20.10.3, 21.04.2, and 21.10.0. The flaw is a directory traversal during page help file path handling that replaces the '-' character with '/' to bypass access control on HTML files. The connected sources confirm the affected versions and sy...