v0.4.9.1 - Security Hotfix - Open Collective

Kavita

Contribute

All ways to contribute

Budget

Transactions
Expenses

Connect

Updates

About

Submit expense
Request Grant

v0.4.9.1 - Security Hotfix

Published on January 5, 2022 by Joseph Milazzo

It has come to my attention that v0.4.9 has a vulnerability where non-privileged users can create admin accounts for themselves. Please update to mitigate this issue.

You can find the release here.

Fixes

Fixed a critical bug where non-privileged users could create admin accounts (Fixes #894)