246 matches found
CVE-2022-41965 Opencast Authenticated OpenRedirect Vulnerability
Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to redirect users to...
PT-2022-26189 · Opencast · Opencast
Name of the Vulnerable Software and Affected Versions: Opencast versions prior to 12.5 Description: The vulnerability in Opencast's Paella authentication page allows attackers to redirect authenticated users to arbitrary URLs, potentially facilitating phishing attacks or other security issues. Th...
CVE-2022-41965 Opencast Authenticated OpenRedirect Vulnerability
Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to redirect users to...
The vulnerability of the application for automatic capture, processing, management, and distribution of Opencast videos, related to the use of files and directories accessible to external parties, allows a violator to gain unauthorized access to protected information.
The vulnerability of the application for automatic capture, processing, management, and distribution of Opencast videos involves the use of files and directories accessible to external parties. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized...
Opencast < 9.10, 10.x < 10.6 Log4j RCE Vulnerability (GHSA-mf4f-j588-5xm8, Log4Shell)
Opencast is prone to a remote code execution RCE vulnerability in the Apache Log4j library dubbed SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
Opencast < 10.6 Unauthorized File Access Vulnerability
Opencast is prone to a unauthorized file access vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...
Opencast < 10.14, 11.x < 11.7 Improper Authentication Vulnerability
Opencast is prone to a improper authentication vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...
Opencast < 9.10 HTTP Method Spoofing Vulnerability
Opencast is prone to an HTTP method spoofing vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
GHSA-QM6V-CG9V-53J3 Limited Authentication Bypass for Media Files
Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current organization, bypassing organizational barriers. Impact The vulnerability allows attackers to bypass organizational...
Limited Authentication Bypass for Media Files
Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current organization, bypassing organizational barriers. Impact The vulnerability allows attackers to bypass organizational...
Authentication Bypass
Opencast-ingest-service-impl is vulnerable to authentication bypass. The vulnerability exists in addContentToRepo function in IngestServiceImpl.java because opencast doesn't properly restrict users when passing URLs which allows an attacker to gain access and bypass organizational barriers...
CVE-2022-29237
Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current organization, bypassin...
Double free
Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current organization, bypassin...
CVE-2022-29237 Limited Authentication Bypass for Media Files in Opencast
Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current organization, bypassin...
CVE-2022-29237 Limited Authentication Bypass for Media Files in Opencast
Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current organization, bypassin...
CVE-2022-29237 Limited Authentication Bypass for Media Files in Opencast
Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current organization, bypassin...
CVE-2022-29237
Opencast exposes a cross-tenant access flaw: before versions 10.14 and 11.7, an attacker with full access to the ingest REST interface and knowledge of internal links could import files from another organization within the same multi-tenant cluster, bypassing organizational barriers. The issue is...
Opencast 授权问题漏洞
Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. An authorization issue vulnerability exists in Opencast prior to version 10.14 and prior to version 11.7, which stems from the fact that a user can pass i...
GHSA-QWFV-5JWJ-582H Opencast RCE Vulnerability
Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0...
Opencast RCE Vulnerability
Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0...