From ${URL} : Description High-Tech Bridge SA has discovered a vulnerability in b2evolution, which can be exploited by malicious users to conduct SQL injection attacks. Input passed via the "show_statuses[]" GET parameter to admin.php (when "ctrl" is set to "items", "tab" is set to "full", and "blog" is set to a valid blog ID) is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires the "restricted" or "normal" access to the administration area (granted to the "Bloggers" group by default) and the "View all blogs" permission (not granted to the "Bloggers" group by default). The vulnerability is confirmed in version 4.1.6. Prior versions may also be affected. Solution Update to version 4.1.7. Provided and/or discovered by High-Tech Bridge SA Original Advisory https://www.htbridge.com/advisory/HTB23152 @maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not
Maintainer timeout. Security bumped. Arches, please stabilize: =www-apps/b2evolution-4.1.7 Target arches: amd64 ppc x86. Thanks!
amd64 stable
ppc stable
x86 stable
GLSA vote: no.
GLSA vote: no Closing as noglsa
