CVE-2023-29246

Published: May 12, 2023

Modified: Oct 10, 2024

PUBLISHED

Description

An attacker who has gained access to an admin account can perform RCE via null-byte injection Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0

Vendor	Product	Versions
Apache Software Foundation	Apache OpenMeetings	affected `2.0.0 - < 7.1.0`

Weaknesses (CWE)

CWE-20

References

https://lists.apache.org/thread/230plvhbdx26m43b0sy942wlwt6kkmmr

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-29246

Description

Affected Products

Weaknesses (CWE)

References