Security-Blog
ILIAS 8.19
Following 8 security issues have been resolved:
0040995: Fixed escaping of Title and Author in Tile-View of Objects
0044199: XSS hidden input escaping
0044254: ActiveRecord: Missing escaping
0044255: Bibliographic: Missing input validation
0044342: LearningSequence: Unauthorized access
0044438: Test: Missing RBAC checks
0044441: XSS in Question Titles
0044737: Added Missing RBAC Check in TranslationsGUI
Affected Version(s) | 8.18, 9.7, 10.0 Beta3 |
Fixed Version(s) | 8.19, 9.8, 10.0 |
CVS Score | - |
Reported by | - |
Affected Version(s) | 8.18, 9.7, 10.0 Beta3 |
Fixed Version(s) | 8.19, 9.8, 10.0 |
CVS Score | 2.1 |
Reported by | - |
Affected Version(s) | 8.18, 9.7, 10.0 Beta3 |
Fixed Version(s) | 8.19, 9.8, 10.0 |
CVS Score | 6.1 |
Reported by | Ilja Lukin (Fachhochschule Dortmund) |
Affected Version(s) | 8.18, 9.7, 10.0 Beta3 |
Fixed Version(s) | 8.19, 9.8, 10.0 |
CVS Score | 6.1 |
Reported by | Ilja Lukin (Fachhochschule Dortmund) |
Affected Version(s) | 8.18, 9.7, 10.0 Beta3 |
Fixed Version(s) | 8.19, 9.8, 10.0 |
CVS Score | - |
Reported by | Ilja Lukin (Fachhochschule Dortmund) |
Affected Version(s) | 8.18, 9.7, 10.0 Beta3 |
Fixed Version(s) | 8.19, 9.8, 10.0 |
CVS Score | 6.3 |
Reported by | Michael Jansen (Databay AG) |
Affected Version(s) | 8.18, 9.7, 10.0 Beta3 |
Fixed Version(s) | 8.19, 9.8, 10.0 |
CVS Score | 2.1 |
Reported by | Martin-Luther-Universität Halle-Wittenberg |
Affected Version(s) | 8.18, 9.7, 10.0 Beta3 |
Fixed Version(s) | 8.19, 9.8, 10.0 |
CVS Score | - |
Reported by | - |