This site has moved to the integrated Appfire documentation and information site for our apps.

From February 2024 this site is no longer updated.

Take a look here! If you have any questions please email support@appfire.com

Comala Document Control Security Advisory 2022-08-04

Owned by Sergio Sloseris (Inactive) (Deactivated)
Last updated: Jul 12, 2023 by Pablo Gallego _Appfire_
1 min read

This advisory discloses a security vulnerability found and fixed in Comala Document Control.  We recommend upgrading Comala Document Control to the latest supported version.

Affected Versions

The vulnerability affects all the Comala Document Control versions up to 1.12.12

The 1.12.13 release contains a fix for the issues mentioned below.

Vulnerabilities

Severity

Comalatech rates the severity of these issues as High  according to the published Atlassian Security Levels. We have ranked the vulnerability as high because: 

  • Registered and anonymous users can perform unauthorized actions that will result in significant data loss.

This is an independent assessment and you should evaluate its applicability to your own IT environment.

Description

We have fixed vulnerabilities that allowed users to do unauthorized actions.

Risk Mitigation

We recommend all users to upgrade to Comala Document Control to v1.12.13