2 matches found
PT-2024-24086
Name of the Vulnerable Software and Affected Versions OpenFGA versions 1.5.0 through 1.5.2 Description The issue concerns an authorization bypass when calling Check or ListObjects APIs in OpenFGA. Users are likely affected if their model involves exclusion e.g., a but not b or intersection e.g., ...
PT-2012-3898 · Catalyst It · Mahara
Name of the Vulnerable Software and Affected Versions: Mahara versions 1.4.x through 1.4.3 Mahara versions 1.5.x through 1.5.2 Description: The issue allows remote attackers to read arbitrary files or create TCP connections via an XML external entity XXE injection attack. This can be demonstrated...