Openmeetings Security Vulnerabilities and Issues — Openmeetings CVE List

Lucene search

ApacheOpenmeetings

5 matches found

CVE•added 2017/07/17 1:18 p.m.•64 views

CVE-2017-7663

Both global and Room chat are vulnerable to XSS attack in Apache OpenMeetings 3.2.0.

6.1CVSS6.2AI score0.00834EPSS

CVE•added 2018/02/28 6:29 p.m.•47 views

CVE-2018-1286

In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileged users are not password protected allowing an authenticated attacker to deny service for privileged users.

6.5CVSS6.5AI score0.00176EPSS

CVE•added 2016/04/11 2:59 p.m.•44 views

CVE-2016-2163

Cross-site scripting (XSS) vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the event description when creating an event.

6.1CVSS6.1AI score0.02728EPSS

CVE•added 2016/08/19 9:59 p.m.•37 views

CVE-2016-3089

Cross-site scripting (XSS) vulnerability in the SWF panel in Apache OpenMeetings before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the swf parameter.

6.1CVSS6.1AI score0.0087EPSS

CVE•added 2016/04/11 2:59 p.m.•36 views

CVE-2016-0784

Directory traversal vulnerability in the Import/Export System Backups functionality in Apache OpenMeetings before 3.1.1 allows remote authenticated administrators to write to arbitrary files via a .. (dot dot) in a ZIP archive entry.

6.5CVSS6.3AI score0.06065EPSS