Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings from 2.0.0 before 7.0.0
Description: Attacker can elevate their privileges in any room
References
Link | Resource |
---|---|
https://lists.apache.org/thread/r9vn12dp5yofn1h3wd5x4h7c3vmmr5d9 | Mailing List Vendor Advisory |
Configurations
History
07 Nov 2023, 04:10
Type | Values Removed | Values Added |
---|---|---|
Summary | Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.0.0 Description: Attacker can elevate their privileges in any room |
04 Apr 2023, 01:30
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
References | (MISC) https://lists.apache.org/thread/r9vn12dp5yofn1h3wd5x4h7c3vmmr5d9 - Mailing List, Vendor Advisory | |
CPE | cpe:2.3:a:apache:openmeetings:*:*:*:*:*:*:*:* | |
First Time |
Apache
Apache openmeetings |
28 Mar 2023, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-28 13:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-28326
Mitre link : CVE-2023-28326
CVE.ORG link : CVE-2023-28326
JSON object : View
Products Affected
apache
- openmeetings
CWE
CWE-306
Missing Authentication for Critical Function