Open Social - Moderately critical - Access bypass - SA-CONTRIB-2024-004

Project: Open SocialDate: 2024-January-24Security risk: Moderately critical 10∕25 AC:Basic/A:User/CI:Some/II:None/E:Theoretical/TD:DefaultVulnerability: Access bypassAffected versions: <12.05Description: Content within Open Social can have different visibilities. It is possible for a user to create public content even when this should not be allowed.
This vulnerability is mitigated by the fact that the site must have public visibility disabled on a global level.Solution: Install the latest version of Open Social:

Reported By: 

Fixed By: 

Coordinated By: 

Path to article