Vulnerabilities > Apache > Openmeetings > 3.1.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-7680 | Unspecified vulnerability in Apache Openmeetings Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file. | 5.0 |
| 2017-07-17 | CVE-2017-7673 | Improper Restriction of Excessive Authentication Attempts vulnerability in Apache Openmeetings Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection. | 5.0 |
| 2017-07-17 | CVE-2017-7666 | Cross-Site Request Forgery (CSRF) vulnerability in Apache Openmeetings Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based attacks. | 6.8 |
| 2017-07-17 | CVE-2017-7664 | XXE vulnerability in Apache Openmeetings Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0. | 7.5 |