Rocket.Chat: account takeover on 3.0.1 version

I find user reset password hash info and other security info on "/api/v1/users.info" note : I login on rocketchat with ldap account my role : user note: in request "https://target/api/v1/users.info?username=xhttps://target/api/v1/users.info?username=%5Bx%5D" you should change usrname to userId 1-...

Apache OpenMeetings < 3.1.1 Multiple Vulnerabilities

Apache OpenMeetings is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:openmeetings";...