Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27357 of 28220

CVE-2017-7663

Posted by Cyberthreat Blog | Jul 17, 2017 | CVE Notifications |

Both global and Room chat are vulnerable to XSS attack in Apache OpenMeetings 3.2.0.

CVE-2017-7684

Posted by Cyberthreat Blog | Jul 17, 2017 | CVE Notifications |

Apache OpenMeetings 1.0.0 doesn’t check contents of files being uploaded. An attacker can cause a denial of service by uploading multiple large files to the server.

CVE-2017-7666

Posted by Cyberthreat Blog | Jul 17, 2017 | CVE Notifications |

Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based attacks.

CVE-2017-7683

Posted by Cyberthreat Blog | Jul 17, 2017 | CVE Notifications |

Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error stack trace, which is not secure.

CVE-2017-7682

Posted by Cyberthreat Blog | Jul 17, 2017 | CVE Notifications |

Apache OpenMeetings 3.2.0 is vulnerable to parameter manipulation attacks, as a result attacker has access to restricted areas.

Author: Cyberthreat Blog

CVE-2017-7663

CVE-2017-7684

CVE-2017-7666

CVE-2017-7683

CVE-2017-7682