CVE-2023-28326

CVE-2023-28326: Apache OpenMeetings: allows user impersonation

Vendor Apache Software Foundation

Product Apache OpenMeetings

Weakness CWE-306 · Missing auth

Published March 28, 2023

Last update October 23, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.0.0 Description: Attacker can elevate their privileges in any room

Key dates

Disclosure timeline

March 28, 2023 CVE published

October 23, 2024 Record updated