CVE-2023-29246
maven/org.apache.openmeetings/openmeetings-server
Improper Input Validation
An attacker who has gained access to an admin account can perform RCE via null-byte injection
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0
All versions starting from 2.0.0 before 7.1.0
Upgrade to version 7.1.0 or above.
2023-05-23
source |