oss-sec mailing list archives
CVE-2023-28326: Apache OpenMeetings: allows user impersonation
From: Maxim Solodovnik <solomax () apache org>
Date: Tue, 28 Mar 2023 10:09:24 +0000
Severity: critical Description: Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.0.0 Description: Attacker can elevate their privileges in any room This issue is being tracked as OPENMEETINGS-2739 Credit: Dennis Zimmt (reporter) References: https://openmeetings.apache.org/ https://www.cve.org/CVERecord?id=CVE-2023-28326 https://issues.apache.org/jira/browse/OPENMEETINGS-2739
Current thread:
- CVE-2023-28326: Apache OpenMeetings: allows user impersonation Maxim Solodovnik (Mar 28)