CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2017-7666

HIGH
8.8
CVSS Severity Score
EPSS Score0.0060%
EPSS Percentile10.58th
Published2017年7月17日
Last Modified2026年5月13日

Vulnerability Description

Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based attacks.

Affected Platforms (CPE)

📦
Apache

Openmeetings

= 1.0.0
📦
Apache

Openmeetings

= 2.0
📦
Apache

Openmeetings

= 2.1
📦
Apache

Openmeetings

= 2.1.1
📦
Apache

Openmeetings

= 2.2.0
📦
Apache

Openmeetings

= 3.0.0
📦
Apache

Openmeetings

= 3.0.1
📦
Apache

Openmeetings

= 3.0.2
📦
Apache

Openmeetings

= 3.0.3
📦
Apache

Openmeetings

= 3.0.4
📦
Apache

Openmeetings

= 3.0.5
📦
Apache

Openmeetings

= 3.0.6
📦
Apache

Openmeetings

= 3.0.7
📦
Apache

Openmeetings

= 3.1.0
📦
Apache

Openmeetings

= 3.1.1
📦
Apache

Openmeetings

= 3.1.2
📦
Apache

Openmeetings

= 3.1.3
📦
Apache

Openmeetings

= 3.1.4
📦
Apache

Openmeetings

= 3.1.5
📦
Apache

Openmeetings

= 3.2.0
📦
Apache

Openmeetings

= 3.2.1

References & Advisories

🔗 http://markmail.org/message/fkesu4e5hhz5xdbg
🔗 http://markmail.org/message/fkesu4e5hhz5xdbg

相關漏洞威脅

CVE-2017-766410.0

Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0.

CVE-2017-76739.8

Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dial...

CVE-2016-87369.8

Apache OpenMeetings before 3.1.2 is vulnerable to Remote Code Execution via RMI deserialization attack.

CVE-2017-76818.8

Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing ...