返回 CVE 瀏覽器

CVE-2017-7664

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0920%

EPSS Percentile17.75th

Published2017年7月17日

Last Modified2026年5月13日

Vulnerability Description

Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0.

Affected Platforms (CPE)

📦

Apache

Openmeetings

= 3.1.0

📦

Apache

Openmeetings

= 3.1.1

📦

Apache

Openmeetings

= 3.1.2

📦

Apache

Openmeetings

= 3.1.3

📦

Apache

Openmeetings

= 3.1.4

📦

Apache

Openmeetings

= 3.1.5

📦

Apache

Openmeetings

= 3.2.0

📦

Apache

Openmeetings

= 3.2.1

References & Advisories

🔗 http://markmail.org/message/cwr552iapmhukb45

🔗 http://www.securityfocus.com/bid/99576

🔗 http://markmail.org/message/cwr552iapmhukb45

🔗 http://www.securityfocus.com/bid/99576

相關漏洞威脅

CVE-2016-87369.8

Apache OpenMeetings before 3.1.2 is vulnerable to Remote Code Execution via RMI deserialization attack.

CVE-2017-76739.8

Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dial...

CVE-2017-76668.8

Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based a...

CVE-2017-76818.8

Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing ...