An attacker who has gained access to an admin account can perform RCE via null-byte injection
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0
References
Link | Resource |
---|---|
https://lists.apache.org/thread/230plvhbdx26m43b0sy942wlwt6kkmmr | Mailing List |
Configurations
History
No history.
Information
Published : 2023-05-12 08:15
Updated : 2024-10-11 21:35
NVD link : CVE-2023-29246
Mitre link : CVE-2023-29246
CVE.ORG link : CVE-2023-29246
JSON object : View
Products Affected
apache
- openmeetings
CWE
CWE-20
Improper Input Validation