Security-Blog
ILIAS 8.25
Following 4 security issues have been resolved:
0045738: Unauthenticated Remote Code Execution
0045898: Wiki: Unauthorized Access to LTI Settings
0045899: ilUIPluginRouterGUI: Unauthorized function calls
0045897: MediaPool: Open/Unvalidated Redirect
Affected Version(s) | 8.24, 9.14, 10.2 |
Fixed Version(s) | 8.25, 9.15, 10.3, 11.0 Beta 2 |
CVSS Score 4.0 | |
Reported by | Florian Wilkens (SRLabs Researchers) |
Affected Version(s) | 8.24, 9.14, 10.2 |
Fixed Version(s) | 8.25, 9.15, 10.3, 11.0 Beta 2 |
CVSS Score 4.0 | 6.9 |
Reported by | Ilja Lukin (Fachhochschule Dortmund) |
Affected Version(s) | 8.24, 9.14, 10.2 |
Fixed Version(s) | 8.25, 9.15, 10.3, 11.0 Beta 2 |
CVSS Score 4.0 | 6.9 |
Reported by | Ilja Lukin (Fachhochschule Dortmund) |
Affected Version(s) | 8.24, 9.14, 10.2 |
Fixed Version(s) | 8.25, 9.15, 10.3, 11.0 Beta 2 |
CVSS Score 4.0 | 4 |
Reported by | Michael Jansen (Databay AG) |