CVE-2017-7663

Both global and Room chat are vulnerable to XSS attack in Apache OpenMeetings 3.2.0.
References
Link Resource
http://markmail.org/message/aka2z2dq7icfw2p2 Mailing List Third Party Advisory
http://www.securityfocus.com/bid/99577 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:openmeetings:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.2.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-07-17 13:18

Updated : 2024-02-04 19:29


NVD link : CVE-2017-7663

Mitre link : CVE-2017-7663

CVE.ORG link : CVE-2017-7663


JSON object : View

Products Affected

apache

  • openmeetings
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')