CyberSec.Space Logo
Back to CVE Browser

CVE-2017-7664

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0920%
EPSS Percentile17.75th
PublishedJul 17, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0.

Affected Platforms (CPE)

πŸ“¦
Apache

Openmeetings

= 3.1.0
πŸ“¦
Apache

Openmeetings

= 3.1.1
πŸ“¦
Apache

Openmeetings

= 3.1.2
πŸ“¦
Apache

Openmeetings

= 3.1.3
πŸ“¦
Apache

Openmeetings

= 3.1.4
πŸ“¦
Apache

Openmeetings

= 3.1.5
πŸ“¦
Apache

Openmeetings

= 3.2.0
πŸ“¦
Apache

Openmeetings

= 3.2.1

References & Advisories

πŸ”— http://markmail.org/message/cwr552iapmhukb45
πŸ”— http://www.securityfocus.com/bid/99576
πŸ”— http://markmail.org/message/cwr552iapmhukb45
πŸ”— http://www.securityfocus.com/bid/99576

Related Vulnerabilities

CVE-2016-87369.8

Apache OpenMeetings before 3.1.2 is vulnerable to Remote Code Execution via RMI deserialization attack.

CVE-2017-76739.8

Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dial...

CVE-2017-76668.8

Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based a...

CVE-2017-76818.8

Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing ...