CVE Vulnerabilities

CVE-2022-42707

Published: Nov 06, 2022 | Modified: May 02, 2025
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

In Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0, embedded images are accessible without a sufficient permission check under certain conditions.

Affected Software

Name Vendor Start Version End Version
Mahara Mahara 21.04.0 (including) 21.04.7 (excluding)
Mahara Mahara 21.10.0 (including) 21.10.5 (excluding)
Mahara Mahara 22.04.0 (including) 22.04.3 (excluding)
Mahara Mahara 22.10.0-rc1 (including) 22.10.0-rc1 (including)

References