Openmeetings Security Vulnerabilities and Issues — Openmeetings CVE List

Lucene search

ApacheOpenmeetings

4 matches found

CVE•added 2025/01/08 9:15 a.m.•60 views

CVE-2024-54676

Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.1.0 before 8.0.0 Description: Default clustering instructions at https://openmeetings.apache.org/Clustering.html doesn't specify white/black lists for OpenJPA this leads to possible deserialisation of untrusted dat...

9.8CVSS6.6AI score0.02287EPSS

CVE•added 2023/03/28 1:15 p.m.•58 views

CVE-2023-28326

Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.0.0 Description: Attacker can elevate their privileges in any room

9.8CVSS9.5AI score0.00155EPSS

CVE•added 2017/07/17 1:18 p.m.•54 views

CVE-2017-7673

Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection.

9.8CVSS9.5AI score0.00405EPSS

CVE•added 2017/10/12 6:29 p.m.•44 views

CVE-2016-8736

Apache OpenMeetings before 3.1.2 is vulnerable to Remote Code Execution via RMI deserialization attack.

9.8CVSS9.7AI score0.06146EPSS