Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 deserializes user input unsafely during skin import. A particularly structured XML file could cause code execution when being processed.
The vulnerability (CWE-502) consists of the fact that when processing an imported XML file with a skin, the application deserializes its contents without proper validation or sanitization. An attacker can upload a specially crafted XML file, whose processing by the deserialization mechanism results in the execution of arbitrary code on the server side.
An attacker can gain full control over the server through remote code execution (RCE), threatening the confidentiality, integrity, and availability of the entire system.
Mahara should be updated to version 21.10.6 or later (for the 21.10 branch), 22.04.4 or later (for the 22.04 branch), or 22.10.1 or later (for the 22.10 branch). Details available in the vendor references: https://mahara.org/interaction/forum/topic.php?id=9353
Mahara in versions: 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMahara
APPMahara21.10.0 – 21.10.6 (bez)22.04.0 – 22.04.4 (bez)22.10.0 – 22.10.1 (bez)
Related vulnerabilities
Mahara: Ujawnienie informacji administratorowi instytucji przez stronę 'Current submissions'
Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially ...
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, the account associated with a web services token is v...
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to some authentic...
Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before 16.04.4 are vulnerable to incorrect acc...