Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end.
References
Link | Resource |
---|---|
http://markmail.org/message/j774dp5ro5xmkmg6 | Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2017-07-17 13:18
Updated : 2024-02-28 16:04
NVD link : CVE-2017-7681
Mitre link : CVE-2017-7681
CVE.ORG link : CVE-2017-7681
JSON object : View
Products Affected
apache
- openmeetings
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')