Description

The (1) FileService.importFileByInternalUserId and (2) FileService.importFile SOAP API methods in Apache OpenMeetings before 3.1.1 improperly use the Java URL class without checking the specified protocol handler, which allows remote attackers to read arbitrary files by attempting to upload a file.

Remediation

References

http://packetstormsecurity.com/files/136434/Apache-OpenMeetings-3.0.7-Arbitary-File-Read.html

https://www.apache.org/dist/openmeetings/3.1.1/CHANGELOG

http://openmeetings.apache.org/security.html

http://www.securityfocus.com/archive/1/537887/100/0/threaded

Related Vulnerabilities

CVE-2023-0481 Vulnerability in maven package io.quarkus.resteasy.reactive:resteasy-reactive-common

CVE-2019-18394 Vulnerability in maven package org.igniterealtime.openfire:xmppserver

CVE-2023-29208 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore

CVE-2016-4970 Vulnerability in maven package io.netty:netty-handler

CVE-2023-33939 Vulnerability in maven package com.liferay:com.liferay.portal.search.web

Severity

High

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Patch Vendor Advisory