CVE-2017-1000217

HIGH

8.8

CVSS Severity Score

EPSS Score0.0260%

EPSS Percentile25.85th

PublishedNov 17, 2017

Last ModifiedMay 13, 2026

Vulnerability Description

Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0.

Affected Platforms (CPE)

📦

Opencast

<= 2.3.2

References & Advisories

🔗 https://groups.google.com/a/opencast.org/forum/#%21topic/security-notices/sCpt0pIPEFg

Related Vulnerabilities

CVE-2021-438219.9

Opencast is an Open Source Lecture Capture & Video Management for Education. Opencast before version 9.10 or 10.6 allows reference...

CVE-2020-52068.7

In Opencast before 7.6 and 8.1, using a remember-me cookie with an arbitrary username can cause Opencast to assume proper authenti...

CVE-2021-326238.1

Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vu...

CVE-2020-52297.7

Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. Furthermore, the...