Vulnerabilities > Apache > Openmeetings > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-12 | CVE-2023-29032 | Improper Authentication vulnerability in Apache Openmeetings An attacker that has gained access to certain private information can use this to act as other user. Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 3.1.3 before 7.1.0 | 8.1 |
| 2023-05-12 | CVE-2023-29246 | Improper Input Validation vulnerability in Apache Openmeetings An attacker who has gained access to an admin account can perform RCE via null-byte injection Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0 | 7.2 |
| 2021-03-15 | CVE-2021-27576 | Unspecified vulnerability in Apache Openmeetings If was found that the NetTest web service can be used to overload the bandwidth of a Apache OpenMeetings server. | 7.5 |
| 2020-09-30 | CVE-2020-13951 | Unspecified vulnerability in Apache Openmeetings Attackers can use public NetTest web service of Apache OpenMeetings 4.0.0-5.0.0 to organize denial of service attack. | 7.5 |
| 2017-07-17 | CVE-2017-7688 | Unspecified vulnerability in Apache Openmeetings Apache OpenMeetings 1.0.0 updates user password in insecure manner. | 7.5 |
| 2017-07-17 | CVE-2017-7684 | Resource Exhaustion vulnerability in Apache Openmeetings Apache OpenMeetings 1.0.0 doesn't check contents of files being uploaded. | 7.5 |
| 2017-07-17 | CVE-2017-7683 | Information Exposure vulnerability in Apache Openmeetings Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error stack trace, which is not secure. | 7.5 |
| 2017-07-17 | CVE-2017-7682 | Unspecified vulnerability in Apache Openmeetings 3.2.0/3.2.1 Apache OpenMeetings 3.2.0 is vulnerable to parameter manipulation attacks, as a result attacker has access to restricted areas. | 8.2 |
| 2017-07-17 | CVE-2017-7681 | SQL Injection vulnerability in Apache Openmeetings Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. | 8.8 |
| 2017-07-17 | CVE-2017-7680 | Unspecified vulnerability in Apache Openmeetings Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file. | 7.5 |