CVE-2017-7681

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-7681

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7681.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-7681

Aliases

GHSA-335g-xcjh-ghc2

Published

2017-07-17T13:18:29Z

Modified

2025-04-20T01:37:25Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end.

References

http://markmail.org/message/j774dp5ro5xmkmg6

Affected packages

Git / github.com/apache/openmeetings

Affected ranges

Type: GIT
Repo: https://github.com/apache/openmeetings
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

3db0ad0d802d9778f1d4df1c4f52dbf0ce289990

Last affected

ec8117c4ab942262f06836f1efe5985ae600e12c