CVE-2022-42707

Name of the Vulnerable Software and Affected Versions Mahara versions 21.04 through 21.04.6 Mahara versions 21.10 through 21.10.4 Mahara versions 22.04 through 22.04.2 Mahara versions 22.10 through 22.09.9 is not a correct range, simplifying to: Mahara version 22.10.0

However, since 22.10.0 is the start of the range and there is no end version specified other than itself, and given that the context implies versions before a certain point are affected, the correct interpretation considering the context provided would be: Mahara versions 21.04 through 21.04.6 Mahara versions 21.10 through 21.10.4 Mahara versions 22.04 through 22.04.2 Mahara version 22.10.0

Description The issue allows embedded images to be accessible without a sufficient permission check under certain conditions.

Recommendations For Mahara versions 21.04 through 21.04.6, update to version 21.04.7 or later. For Mahara versions 21.10 through 21.10.4, update to version 21.10.5 or later. For Mahara versions 22.04 through 22.04.2, update to version 22.04.3 or later. For Mahara version 22.10.0, update to a version later than 22.10.0.