An attacker who has gained access to an admin account can perform RCE via null-byte injection
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0
References
Link | Resource |
---|---|
https://lists.apache.org/thread/230plvhbdx26m43b0sy942wlwt6kkmmr | Mailing List |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2023-05-12T07:43:20.422Z
Updated: 2023-05-12T07:43:20.422Z
Reserved: 2023-04-04T15:31:03.257Z
Link: CVE-2023-29246
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-12T08:15:08.997
Modified: 2023-05-22T14:55:15.440
Link: CVE-2023-29246
JSON object: View
Redhat Information
No data.
CWE