CVE-2017-7681
CVE-2017-7681
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
14 Jul 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end.
Affected products
Apache Software Foundation · Apache OpenMeetings