Certain embedded images can be accessed without login

Bug #1991157 reported by Kristina Hoeppner
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mahara
Fix Released
Critical
Gold
21.04
Fix Released
Critical
Unassigned
21.10
Fix Released
Critical
Unassigned
22.04
Fix Released
Critical
Unassigned

Bug Description

Details see internal Catalyst WR #392023.

CVE References

description: updated
Gold (gold.catalyst)
Changed in mahara:
status: Confirmed → In Progress
assignee: nobody → Gold (gold.catalyst)
Doris Tam (doristam)
Changed in mahara:
status: In Progress → Fix Committed
Robert Lyon (robertl-9)
Changed in mahara:
status: Fix Committed → Fix Released
Robert Lyon (robertl-9)
information type: Private Security → Public Security
Changed in mahara:
importance: High → Critical
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.