2 matches found
CVE-2020-5228
CVE-2020-5228 affects Opencast versions prior to 7.6/8.1 where OAI-PMH publication was enabled by default, allowing unauthenticated public access to media and metadata. The root cause is the OAI-PMH endpoint being part of the default workflow and not protected by default. Mitigations implemented ...
CVE-2020-5228 Opencast allows unauthorized public access via OAI-PMH
Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public...