CVE-2017-7664 – org.apache.openmeetings:openmeetings-parent

Package

Manager: maven
Name: org.apache.openmeetings:openmeetings-parent
Vulnerable Version: >=3.1.0 <3.3.0

Severity

Level: Critical

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00627 pctl0.69318

Details

Apache OpenMeetings does not correctly validate uploaded XML documents Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0. The issue is fixed in version 3.3.0.

Metadata

Created: 2022-05-17T02:28:11Z
Modified: 2022-11-22T18:57:02Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-67q3-gwww-pm4g/GHSA-67q3-gwww-pm4g.json
CWE IDs: ["CWE-611"]
Alternative ID: GHSA-67q3-gwww-pm4g
Finding: F083
Auto approve: 1