CVE-2023-29246
Improper Input Validation in maven/org.apache.openmeetings/openmeetings-server
Identifiers
CVE-2023-29246
Package Slug
maven/org.apache.openmeetings/openmeetings-server
Vulnerability
Improper Input Validation
Description
An attacker who has gained access to an admin account can perform RCE via null-byte injection
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0
Affected Versions
All versions starting from 2.0.0 before 7.1.0
Solution
Upgrade to version 7.1.0 or above.
Last Modified
2023-05-23
| source |