This issue has been addressed in version 3.5.4 and later. In addition, v3.4.5 and earlier versions have been upgraded to address a potential SQL injection issue.
CVE-2018-3228 An issue has been discovered in v3.5.3 and earlier versions of v3 primarily affecting customers using the Univention Corporate Server. This issue is due to permissions in the user profile page that can be manipulated by attackers to gain Administrator privileges.
CVE-2018-3226 An issue has been discovered in v3.5.2 and earlier versions of v3. In certain deployments, when a user attempts to login to an instance of v3, an error page is displayed that contains a cross-site scripting vulnerability. This issue can potentially be exploited by attackers to execute arbitrary script code in a user’s browser session in an affected v3 installation.
CVE-2018-3225 An issue has been discovered in v3.5.2 and earlier versions of v3. In certain deployments, attackers may be able to bypass login restrictions and escalate privileges on v3 installations. This may occur when a user is logged in to a v3 instance and attempts to access a backend system that is configured to require a special privilege to access. An attacker who has access to a v3 installation can exploit this issue to access a restricted system.
CVE-2018-3223 An issue has been discovered in v3.5.
Overview of the Vulnerability
The following vulnerabilities have been discovered in v3.5.x and earlier:
Description
An issue has been discovered in v3.5.4 and later versions of v3. In certain deployments, attackers may be able to escalate privileges on v3 installations by accessing a backend system that is configured to require a special privilege to access.
^B rief description
This article is about how to outsource SEO and avoid the five most common mistakes companies make when they do.
To outsource SEO, the article mentions that there are many benefits of doing so and that it can be done on a variety of platforms like Facebook which has high engagement.
The article also mentions that there are six reasons why digital marketing is important for businesses.
When to Update v3?
This is a reminder to update your v3 installation to the latest version.
Timeline
Published on: 09/19/2022 16:15:00 UTC
Last modified on: 09/21/2022 17:46:00 UTC