CVE-2017-1000217

HIGH

8.8

CVSS Severity Score

EPSS Score0.0260%

EPSS Percentile25.85th

Published2017年11月17日

Last Modified2026年5月13日

Vulnerability Description

Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0.

Affected Platforms (CPE)

📦

Opencast

<= 2.3.2

References & Advisories

🔗 https://groups.google.com/a/opencast.org/forum/#%21topic/security-notices/sCpt0pIPEFg

相關漏洞威脅

CVE-2021-438219.9

Opencast is an Open Source Lecture Capture & Video Management for Education. Opencast before version 9.10 or 10.6 allows reference...

CVE-2020-52068.7

In Opencast before 7.6 and 8.1, using a remember-me cookie with an arbitrary username can cause Opencast to assume proper authenti...

CVE-2021-326238.1

Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vu...

CVE-2020-52297.7

Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. Furthermore, the...