CVE-2023-29246
Improper Input Validation in maven/org.apache.openmeetings/openmeetings-parent
Identifiers
CVE-2023-29246, GHSA-mg5h-f3q8-c96g
Package Slug
maven/org.apache.openmeetings/openmeetings-parent
Vulnerability
Improper Input Validation
Description
An attacker who has gained access to an admin account can perform RCE via null-byte injection
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0
Affected Versions
All versions starting from 2.0.0 before 7.1.0
Solution
Upgrade to version 7.1.0 or above.
Last Modified
2023-05-15
| source |