Security-Blog

Die Security-Gruppe informiert über behobene Sicherheitslücken in ILIAS

August 2025

ILIAS 10.1

Wolf, Fabian [fwolf] - 26. Aug 2025, 16:14

Following 2 security issues have been resolved:

0045628: [UICore] UICore: Improper validation of CSRF tokens
0045642: [Logging] Logging: Plaintext Passwords in Error Logs

More…

· Link

ILIAS 9.13

Wolf, Fabian [fwolf] - 26. Aug 2025, 16:09

Following 2 security issues have been resolved:

0045628: [UICore] UICore: Improper validation of CSRF tokens
0045642: [Logging] Logging: Plaintext Passwords in Error Logs

More…

· Link

ILIAS 8.23

Wolf, Fabian [fwolf] - 26. Aug 2025, 16:00

Following 2 security issues have been resolved:

0045628: [UICore] UICore: Improper validation of CSRF tokens
0045642: [Logging] Logging: Plaintext Passwords in Error Logs

More…

· Link

July 2025

ILIAS 9.12

Tokar, David [tokard], Wolf, Fabian [fwolf] - 15. Jul 2025, 16:00

No security issues have been resolved in this version.

More…

· Link

ILIAS 8.22

Tokar, David [tokard], Wolf, Fabian [fwolf] - 8. Jul 2025, 15:30

Following 5 security issues have been resolved:

0044299: [Weblink] Weblink: Missing permission checks
0044435: [Exercise] Exercise: Unauthorized access
0044469: [Glossary] Glossary: Missing RBAC checks
0044536: [Session (Course & Group)] Session: Missing RBAC checks
0045164: [Media Pools and Media Objects] Media Pool: DoS through infinite loop

More…

· Link

Security-Blog

Functions

August 2025

ILIAS 10.1

ILIAS 9.13

ILIAS 8.23

July 2025

ILIAS 9.12

ILIAS 8.22