CyberSec.Space Logo
Back to CVE Browser

CVE-2017-7666

HIGH
8.8
CVSS Severity Score
EPSS Score0.0060%
EPSS Percentile10.58th
PublishedJul 17, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based attacks.

Affected Platforms (CPE)

πŸ“¦
Apache

Openmeetings

= 1.0.0
πŸ“¦
Apache

Openmeetings

= 2.0
πŸ“¦
Apache

Openmeetings

= 2.1
πŸ“¦
Apache

Openmeetings

= 2.1.1
πŸ“¦
Apache

Openmeetings

= 2.2.0
πŸ“¦
Apache

Openmeetings

= 3.0.0
πŸ“¦
Apache

Openmeetings

= 3.0.1
πŸ“¦
Apache

Openmeetings

= 3.0.2
πŸ“¦
Apache

Openmeetings

= 3.0.3
πŸ“¦
Apache

Openmeetings

= 3.0.4
πŸ“¦
Apache

Openmeetings

= 3.0.5
πŸ“¦
Apache

Openmeetings

= 3.0.6
πŸ“¦
Apache

Openmeetings

= 3.0.7
πŸ“¦
Apache

Openmeetings

= 3.1.0
πŸ“¦
Apache

Openmeetings

= 3.1.1
πŸ“¦
Apache

Openmeetings

= 3.1.2
πŸ“¦
Apache

Openmeetings

= 3.1.3
πŸ“¦
Apache

Openmeetings

= 3.1.4
πŸ“¦
Apache

Openmeetings

= 3.1.5
πŸ“¦
Apache

Openmeetings

= 3.2.0
πŸ“¦
Apache

Openmeetings

= 3.2.1

References & Advisories

πŸ”— http://markmail.org/message/fkesu4e5hhz5xdbg
πŸ”— http://markmail.org/message/fkesu4e5hhz5xdbg

Related Vulnerabilities

CVE-2017-766410.0

Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0.

CVE-2017-76739.8

Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dial...

CVE-2016-87369.8

Apache OpenMeetings before 3.1.2 is vulnerable to Remote Code Execution via RMI deserialization attack.

CVE-2017-76818.8

Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing ...