oss-sec mailing list archives
CVE-2023-28936: Apache OpenMeetings: insufficient check of invitation hash
From: Maxim Solodovnik <solomax () apache org>
Date: Fri, 12 May 2023 01:14:09 +0000
Severity: critical Affected versions: - Apache OpenMeetings 2.0.0 before 7.1.0 Description: Attacker can access arbitrary recording/room Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0 This issue is being tracked as OPENMEETINGS-2762 Credit: Stefan Schiller (reporter) References: https://openmeetings.apache.org/ https://www.cve.org/CVERecord?id=CVE-2023-28936 https://issues.apache.org/jira/browse/OPENMEETINGS-2762
Current thread:
- CVE-2023-28936: Apache OpenMeetings: insufficient check of invitation hash Maxim Solodovnik (May 11)