BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
[CVE-2016-3089] Apache OpenMeetings XSS in SWF panel Aug 12 2016 10:06AM
Maxim Solodovnik (solomax666 gmail com)
Severity: Moderate

Vendor: The Apache Software Foundation

Versions Affected: Apache OpenMeetings 3.1.0

Description: The value of the URL's "swf" query parameter is
interpolated into the JavaScript tag without being escaped, leading to
the reflected XSS.

All users are recommended to upgrade to Ap...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus