CVE-2017-7680

4 documents4 sources
Severity
7.5HIGH
EPSS
1.3%
top 20.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apache Software Foundation Apache OpenmeetingsApache Openmeetings
Timeline
PublishedJul 17
Latest updateMay 13

Description

Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file. This allows for flash content to be loaded from untrusted domains.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

NVDapache/openmeetings21 versions+20

🔴Vulnerability Details

3
GHSA
Apache OpenMeetings allows flash content to be loaded from untrusted domains2022-05-13
OSV
Apache OpenMeetings allows flash content to be loaded from untrusted domains2022-05-13
CVEList
CVE-2017-7680: Apache OpenMeetings 12017-07-14
CVE-2017-7680 (HIGH CVSS 7.5) | Apache OpenMeetings 1.0.0 has an ov | cvebase.io