CVE-2017-7666

Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based attacks.
References
Link Resource
http://markmail.org/message/fkesu4e5hhz5xdbg Mailing List Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:openmeetings:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:2.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:openmeetings:3.2.1:*:*:*:*:*:*:*

Information

Published : 2017-07-17 06:18

Updated : 2017-07-19 08:24


NVD link : CVE-2017-7666

Mitre link : CVE-2017-7666


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

apache

  • openmeetings