Severity: important Affected versions:
- Apache OpenMeetings 2.0.0 before 7.1.0 Description: An attacker who has gained access to an admin account can perform RCE via null-byte injection Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0 This issue is being tracked as OPENMEETINGS-2765 Credit: Stefan Schiller (reporter) References: https://openmeetings.apache.org/ https://www.cve.org/CVERecord?id=CVE-2023-29246 https://issues.apache.org/jira/browse/OPENMEETINGS-2765