CVE-2022-45134 | THREATINT

Description

Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 deserializes user input unsafely during skin import. A particularly structured XML file could cause code execution when being processed.

PUBLISHED Reserved 2022-11-10 | Published 2025-08-22 | Updated 2025-08-26 | Assigner mitre

References

bugs.launchpad.net/mahara/+bug/1993082

mahara.org/interaction/forum/topic.php?id=9353

cve.org (CVE-2022-45134)

nvd.nist.gov (CVE-2022-45134)

Download JSON