Cross-Site Request Forgery and Common Vulnerabilities in Apache OpenMeetings
CVE-2017-7666
8.8HIGH
Summary
Apache OpenMeetings version 1.0.0 is susceptible to multiple types of security issues, including Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS), click-jacking, and MIME-based attacks. These vulnerabilities could allow an attacker to execute unauthorized actions, manipulate user sessions, or exploit user data, posing significant risks to users and organizations utilizing this platform.
Affected Version(s)
Apache OpenMeetings 1.0.0
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved