Opencast < 17.8, 18.x < 18.2 Multiple Vulnerabilities

Opencast is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:opencast:opencast"; if description...

GHSA-M2VG-RMQ6-P62R Opencast's Paella Player 7 is vulnerable to Cross-Site Scripting

Prior to Opencast 17.8 and 18.2 the paella would include and render some user inputs metadata like title, description, etc. unfiltered and unmodified. Impact The vulnerability allows attackers to inject and malicious HTML and JavaScript in the player, which would then be executed in the browsers ...

EUVD-2020-0248

Malware in sbrugna...

EUVD-2020-1477

Malware in sbrugna...

GHSA-6F54-3QR9-PJGJ Unauthenticated Access Via OAI-PMH

Impact Media publication via OAI-PMH allows unauthenticated public access to all media and metadata by default. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public...