Описание
Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apache:openmeetings:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:2.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00097
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Apache OpenMeetings vulnerable to SQL injection
EPSS
Процентиль: 27%
0.00097
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89