Openlearn
Monthly
OpenLearn forum software with safeMode enabled allows unauthenticated attackers to bypass post approval restrictions and read unpublished content directly via post UUID, bypassing the public forum list filtering. The vulnerability affects all versions prior to commit 844b2a40a69d0c4911580fe501923f0b391313ab and is remotely exploitable without authentication or user interaction. A vendor patch is available.
OpenLearn forum software with safeMode enabled allows unauthenticated attackers to bypass post approval restrictions and read unpublished content directly via post UUID, bypassing the public forum list filtering. The vulnerability affects all versions prior to commit 844b2a40a69d0c4911580fe501923f0b391313ab and is remotely exploitable without authentication or user interaction. A vendor patch is available.