CVE-2017-7664

CWE-611XML External Entity (XXE)4 documents4 sources
Severity
10.0CRITICAL
EPSS
0.6%
top 29.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apache Software Foundation Apache OpenmeetingsApache Openmeetings
Timeline
PublishedJul 17
Latest updateMay 17

Description

Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:HExploitability: 3.9 | Impact: 6.0

Affected Packages3 packages

NVDapache/openmeetings8 versions+7

🔴Vulnerability Details

3
GHSA
Apache OpenMeetings does not correctly validate uploaded XML documents2022-05-17
OSV
Apache OpenMeetings does not correctly validate uploaded XML documents2022-05-17
CVEList
CVE-2017-7664: Uploaded XML documents were not correctly validated in Apache OpenMeetings 32017-07-14
CVE-2017-7664 (CRITICAL CVSS 10) | Uploaded XML documents were not cor | cvebase.io