You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openmeetings.apache.org by Maxim Solodovnik <so...@apache.org> on 2023/05/12 01:16:56 UTC
CVE-2023-29032: Apache OpenMeetings: allows bypass authentication
Severity: important
Affected versions:
- Apache OpenMeetings 3.1.3 before 7.1.0
Description:
An attacker that has gained access to certain private information can use this to act as other user.
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings from 3.1.3 before 7.1.0
This issue is being tracked as OPENMEETINGS-2764
Credit:
Stefan Schiller (reporter)
References:
https://openmeetings.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-29032
https://issues.apache.org/jira/browse/OPENMEETINGS-2764