Security Blog

The security group reports on fixed security vulnerabilities in ILIAS

May 2025

Tokar, David [tokard], Wolf, Fabian [fwolf] - 27. May 2025, 17:00

The following 3 security issues have been resolved:

0044343: MediaCast: Unauthorized access
0044426: Learning Module HTML: Unauthorized access
0044559: MediaCast: Missing RBAC checks


Tokar, David [tokard], Wolf, Fabian [fwolf] - 27. May 2025, 17:00

The following 2 security issues have been resolved:

0044343: MediaCast: Unauthorized access
0044559: MediaCast: Missing RBAC checks


Tokar, David [tokard], Wolf, Fabian [fwolf] - 22. May 2025, 17:00

The following security issue has been resolved:

0044426: Learning Module HTML: Unauthorized access to settings form


Tokar, David [tokard], Wolf, Fabian [fwolf] - 20. May 2025, 17:00

Due to unfortunate circumstances, there is no security fix in ILIAS 9.9.
Please update to ILIAS 9.10 immediately.

The following security issue has been resolved:

0044426: Learning Module HTML: Unauthorized access to settings form


April 2025

Tokar, David [tokard], Wolf, Fabian [fwolf] - 1. Apr 2025, 17:00

The following 8 security issues have been resolved:

0040995: Fixed escaping of Title and Author in Tile-View of Objects
0044199: XSS hidden input escaping
0044254: ActiveRecord: Missing escaping
0044255: Bibliographic: Missing input validation
0044342: LearningSequence: Unauthorized access
0044438: Test: Missing RBAC checks
0044441: XSS in Question Titles
0044737: Added Missing RBAC Check in TranslationsGUI
