CVE-2020-5229
Opencast CVE-2020-5229 concerns weak password hashing: previous releases stored passwords with MD5 salted by username, causing vulnerability where attacker with DB access could attempt password cracking. Opencast 8.1 switched to bcrypt, but legacy MD5 hashes remain until passwords are updated. Af...