Security-Blog
ILIAS 9.11
Following 5 security issues have been resolved:
0044299: [Weblink] Weblink: Missing permission checks
0044435: [Exercise] Exercise: Unauthorized access
0044469: [Glossary] Glossary: Missing RBAC checks
0044536: [Session (Course & Group)] Session: Missing RBAC checks
0045164: [Media Pools and Media Objects] Media Pool: DoS through infinite loop
Affected Version(s) | 8.21, 9.10, 10.0 Beta3 |
Fixed Version(s) | 8.22, 9.11, 10.0 |
CVSS Score 4.0 | 6.3 |
Reported by | Ilja Lukin (Fachhochschule Dortmund) |
Affected Version(s) | 8.21, 9.10, 10.0 Beta3 |
Fixed Version(s) | 8.22, 9.11, 10.0 |
CVSS Score 4.0 | 6.3 |
Reported by | Michael Jansen (Databay AG) |
Affected Version(s) | 8.21, 9.10, 10.0 Beta3 |
Fixed Version(s) | 8.22, 9.11, 10.0 |
CVSS Score 4.0 | 6.3 |
Reported by | Michael Jansen (Databay AG) |
Affected Version(s) | 8.21, 9.10, 10.0 Beta3 |
Fixed Version(s) | 8.22, 9.11, 10.0 |
CVSS Score 4.0 | 6.3 |
Reported by | Michael Jansen (Databay AG) |
Affected Version(s) | 8.21, 9.10 |
Fixed Version(s) | 8.22, 9.11 |
CVSS Score 4.0 | 7.1 |
Reported by | Fadi Asbih (Leibniz Universität Hannover) |