11 matches found
EUVD-2020-0248
Malware in sbrugna...
CVE-2020-5228
Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public...
EPrints Cross-Site Scripting Vulnerability
EPrints is a free open source software package for building open access repositories compliant with the OAI-PMH protocol. A reflected cross-site scripting vulnerability exists in the dataset parameter of the cgi/datasetdictionary URI in EPrints 3.4.2. No detailed vulnerability details are provide...
Authentication Bypass
opencast-kernel is vulnerable to authentication bypass. The vulnerability exists as media publication via OAI-PMH allows unauthenticated public access to all media and metadata by default...
GHSA-6F54-3QR9-PJGJ Unauthenticated Access Via OAI-PMH
Impact Media publication via OAI-PMH allows unauthenticated public access to all media and metadata by default. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public...
Unauthenticated Access Via OAI-PMH
Impact Media publication via OAI-PMH allows unauthenticated public access to all media and metadata by default. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public...
CVE-2020-5228
Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public...
CVE-2020-5228
Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public...
Default configuration
Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public...
CVE-2020-5228
CVE-2020-5228 affects Opencast versions prior to 7.6/8.1 where OAI-PMH publication was enabled by default, allowing unauthenticated public access to media and metadata. The root cause is the OAI-PMH endpoint being part of the default workflow and not protected by default. Mitigations implemented ...
CVE-2020-5228 Opencast allows unauthorized public access via OAI-PMH
Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public...