Open Social - Moderately critical - Access bypass - SA-CONTRIB-2022-062

Project: Open SocialDate: 2022-November-30Security risk: Moderately critical 10∕25 AC:Basic/A:User/CI:None/II:Some/E:Theoretical/TD:DefaultVulnerability: Access bypassAffected versions: >=11.4.0 <11.4.9 || >=11.5.0 <11.5.1Description: Social Private Message module allows users on the platform to allow users to send private messages to each other.
The module does not properly perform the correct access checks for certain operations.Solution: Install the latest version:

Reported By: 

Fixed By: 

Coordinated By: 

Path to article