Security-Blog
April 2025
The following 8 security issues have been resolved:
0040995: Fixed escaping of Title and Author in Tile-View of Objects
0044199: XSS hidden input escaping
0044254: ActiveRecord: Missing escaping
0044255: Bibliographic: Missing input validation
0044342: LearningSequence: Unauthorized access
0044438: Test: Missing RBAC checks
0044441: XSS in Question Titles
0044737: Added Missing RBAC Check in TranslationsGUI
The following 10 security issues have been resolved:
0040995: Fixed escaping of Title and Author in Tile-View of Objects
0043900: Fixed escaping of LOM on the info tab and in the editor
0044126: Login Response Improvement: Use generic error message
0044199: XSS hidden input escaping
0044254: ActiveRecord: Missing escaping
0044255: Bibliographic: Missing input validation
0044342: LearningSequence: Unauthorized access
0044438: Test: Missing RBAC checks
0044441: XSS in Question Titles
0044737: Added Missing RBAC Check in TranslationsGUI