http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7265 Bug #: 7265 Summary: [security] Local File Inclusion Vulnerability Classification: Unclassified Change sponsored?: --- Product: Koha Version: rel_3_6 Platform: All OS/Version: All Status: NEW Severity: critical Priority: P5 - low Component: Architecture, internals, and plumbing AssignedTo: gmcharlt@gmail.com ReportedBy: semarie-koha@latrappe.fr QAContact: ian.walls@bywatersolutions.com An exploit has been published against LibLime Koha <= 4.2 on http://1337day.com/exploits/17246 . After quick verification, koha 3.6.x is vulnerable (other version should be too). As the exploit is public, this bug report is too. Thanks. -- Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.