[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2023-28326: Apache OpenMeetings: allows user impersonation
From: Maxim Solodovnik <solomax () apache ! org>
Date: 2023-03-28 10:09:24
Message-ID: e31de680-52c6-e824-ffc4-080f15cd0972 () apache ! org
[Download RAW message or body]
Severity: critical
Description:
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings from 2.0.0 before 7.0.0
Description: Attacker can elevate their privileges in any room
This issue is being tracked as OPENMEETINGS-2739
Credit:
Dennis Zimmt (reporter)
References:
https://openmeetings.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-28326
https://issues.apache.org/jira/browse/OPENMEETINGS-2739
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic