- Apache OpenMeetings 7.0.0 + Apache OpenMeetings 7.1.0
Severity: Critical
+Vendor: The Apache Software Foundation
+Versions Affected: from 2.0.0 before 7.1.0
+Description: Attacker can access arbitrary recording/room
+ CVE-2023-28936
+
The issue was fixed in 7.1.0
+ All users are recommended to upgrade to Apache OpenMeetings 7.1.0
Credit: This issue was identified by Stefan Schiller
+Severity: Important
+Vendor: The Apache Software Foundation
+Versions Affected: from 3.1.3 before 7.1.0
+Description: An attacker that has gained access to certain private information can use this to act as other user.
+ CVE-2023-29032
+
The issue was fixed in 7.1.0
+ All users are recommended to upgrade to Apache OpenMeetings 7.1.0
Credit: This issue was identified by Stefan Schiller
+Severity: Important
+Vendor: The Apache Software Foundation
+Versions Affected: from 2.0.0 before 7.0.0
+Description: An attacker who has gained access to an admin account can perform RCE via null-byte injection
+ 2023-29246
+
The issue was fixed in 7.1.0
+ All users are recommended to upgrade to Apache OpenMeetings 7.1.0
Credit: This issue was identified by Stefan Schiller
+Severity: Critical
Vendor: The Apache Software Foundation
Versions Affected: from 2.0.0 before 7.0.0
Description: Attacker can elevate their privileges in any room
- CVE-2023-28326
+ CVE-2023-28326
The issue was fixed in 7.0.0
All users are recommended to upgrade to Apache OpenMeetings 7.0.0
Vendor: The Apache Software Foundation
Versions Affected: from 4.0.0 before 6.0.0
Description: NetTest web service can be used to overload the bandwidth of the server
- CVE-2021-27576
+ CVE-2021-27576
The issue was fixed in 6.0.0
All users are recommended to upgrade to Apache OpenMeetings 6.0.0
Vendor: The Apache Software Foundation
Versions Affected: from 4.0.0 before 5.0.1
Description: NetTest web service can be used to perform Denial of Service attack
- CVE-2020-13951
+ CVE-2020-13951
The issue was fixed in 5.0.1
All users are recommended to upgrade to Apache OpenMeetings 5.0.1
Vendor: wicket-jquery-ui
Versions Affected: <= 6.29.0, <= 7.10.1, <= 8.0.0-M9.1
Description: JS code created in WYSIWYG editor will be executed on display
- CVE-2018-1325
+ CVE-2018-1325
The issue was fixed in 6.29.1, 7.10.2, 8.0.0-M9.2
All users are recommended to upgrade to Apache OpenMeetings 4.0.3
Vendor: wicket-jquery-ui
Versions Affected: <= 6.28.0, <= 7.9.1, <= 8.0.0-M8
Description: Attacker can submit arbitrary JS code to WYSIWYG editor
- CVE-2017-15719
+ CVE-2017-15719
The issue was fixed in 6.28.1, 7.9.2, 8.0.0-M8.1
All users are recommended to upgrade to Apache OpenMeetings 4.0.2
Versions Affected: from 3.0.0 before 4.0.2
Description: CRUD operations on privileged users are not password protected allowing an authenticated attacker
to deny service for privileged users.
- CVE-2018-1286
+ CVE-2018-1286
The issue was fixed in 4.0.2
All users are recommended to upgrade to Apache OpenMeetings 4.0.2
Vendor: The Apache Software Foundation
Versions Affected: 3.2.0
Description: Both global and Room chat are vulnerable to XSS attack
- CVE-2017-7663
+ CVE-2017-7663
The issue was fixed in 3.3.0
All users are recommended to upgrade to Apache OpenMeetings 3.3.0
Vendor: The Apache Software Foundation
Versions Affected: from 3.1.0 before 3.3.0
Description: Uploaded XML documents were not correctly validated
- CVE-2017-7664
+ CVE-2017-7664
The issue was fixed in 3.3.0
All users are recommended to upgrade to Apache OpenMeetings 3.3.0
Versions Affected: from 1.0.0 before 3.3.0
Description: Apache Openmeetings is vulnerable to Cross-Site Request Forgery (CSRF)
attacks, XSS attacks, click-jacking, and MIME based attacks
- CVE-2017-7666
+ CVE-2017-7666
The issue was fixed in 3.3.0
All users are recommended to upgrade to Apache OpenMeetings 3.3.0
Description: Apache OpenMeetings uses not very strong cryptographic storage,
captcha is not used in registration and forget password dialogs and auth forms
missing brute force protection
- CVE-2017-7673
+ CVE-2017-7673
The issue was fixed in 3.3.0
All users are recommended to upgrade to Apache OpenMeetings 3.3.0
Description: Apache OpenMeetings has an overly permissive
crossdomain.xml file. This allows for flash content to be loaded
from untrusted domains.
- CVE-2017-7680
+ CVE-2017-7680
The issue was fixed in 3.3.0
All users are recommended to upgrade to Apache OpenMeetings 3.3.0
The issue was fixed in 3.3.0
All users are recommended to upgrade to Apache OpenMeetings 3.3.0
Versions Affected: 3.2.0
Description: Apache OpenMeetings is vulnerable to parameter manipulation
attacks, as a result attacker has access to restricted areas.
- CVE-2017-7682
+ CVE-2017-7682
The issue was fixed in 3.3.0
All users are recommended to upgrade to Apache OpenMeetings 3.3.0
Versions Affected: from 1.0.0 before 3.3.0
Description: Apache OpenMeetings displays Tomcat version and
detailed error stack trace which is not secure.
- CVE-2017-7683
+ CVE-2017-7683
The issue was fixed in 3.3.0
All users are recommended to upgrade to Apache OpenMeetings 3.3.0
Description: Apache OpenMeetings doesn't check contents of files
being uploaded. An attacker can cause a denial of service by
uploading multiple large files to the server
- CVE-2017-7684
+ CVE-2017-7684
The issue was fixed in 3.3.0
All users are recommended to upgrade to Apache OpenMeetings 3.3.0
Versions Affected: from 1.0.0 before 3.3.0
Description: Apache OpenMeetingsrespond to the following insecure HTTP
Methods: PUT, DELETE, HEAD, and PATCH.
- CVE-2017-7685
+ CVE-2017-7685
The issue was fixed in 3.3.0
All users are recommended to upgrade to Apache OpenMeetings 3.3.0
Vendor: The Apache Software Foundation
Versions Affected: from 1.0.0 before 3.3.0
Description: Apache OpenMeetings updates user password in insecure manner.
- CVE-2017-7688
+ CVE-2017-7688
The issue was fixed in 3.3.0
All users are recommended to upgrade to Apache OpenMeetings 3.3.0
Description: The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the
classes for which it performs deserialization, which allows remote attackers to execute
arbitrary code via crafted serialized Java data.
- CVE-2017-5878
+ CVE-2017-5878
The issue was fixed in 3.1.4
All users are recommended to upgrade to Apache OpenMeetings 3.1.4
Vendor: The Apache Software Foundation
Versions Affected: from 3.1.0 before 3.1.2
Description: Apache Openmeetings is vulnerable to Remote Code Execution via RMI deserialization attack
- CVE-2016-8736
+ CVE-2016-8736
The issue was fixed in 3.1.2
All users are recommended to upgrade to Apache OpenMeetings 3.1.3
Versions Affected: from 3.1.0 before 3.1.2
Description: The value of the URL's "swf" query parameter is interpolated into the JavaScript tag without
being escaped, leading to the reflected XSS.
- CVE-2016-3089
+ CVE-2016-3089
All users are recommended to upgrade to Apache OpenMeetings 3.1.2
Credit: This issue was identified by Matthew Daley
@@ -289,7 +322,7 @@ name and the current system time, and then hashing it using MD5. This is highly predictable and can be cracked in seconds by an attacker with knowledge of the user name of an OpenMeetings user.All users are recommended to upgrade to Apache OpenMeetings 3.1.1
Credit: This issue was identified by Andreas Lindh
@@ -305,7 +338,7 @@ directory. This could be used to, for example, overwrite the /usr/bin/convert file (or any other 3 rd party integrated executable) with a shell script, which would be executed the next time an image file is uploaded and imagemagick is invoked.All users are recommended to upgrade to Apache OpenMeetings 3.1.1
Credit: This issue was identified by Andreas Lindh
@@ -319,7 +352,7 @@ possible to create a link like "javascript:alert('xss')", which will execute once the link is clicked. As the link is placed within an <a> tag, the actual link is not visible to the end user which makes it hard to tell if the link is legit or not.All users are recommended to upgrade to Apache OpenMeetings 3.1.1
Credit: This issue was identified by Andreas Lindh
@@ -331,7 +364,7 @@Description: When attempting to upload a file via the API using the importFileByInternalUserId or importFile
methods in the FileService, it is possible to read arbitrary files from the system. This is due to that
Java's URL class is used without checking what protocol handler is specified in the API call.
- CVE-2016-2164
+ CVE-2016-2164
All users are recommended to upgrade to Apache OpenMeetings 3.1.1
Credit: This issue was identified by Andreas Lindh
diff --git a/openmeetings-service/pom.xml b/openmeetings-service/pom.xml index 335bbc1cf5..9bbc1dd4cf 100644 --- a/openmeetings-service/pom.xml +++ b/openmeetings-service/pom.xml @@ -22,7 +22,7 @@