Ho ba kotsing (CVE-2023-28936) ho kentsoe setsing sa komporo sa marang-rang sa Apache OpenMeetings se ka lumellang phihlello ea lipapatso le likamore tsa moqoqo. Bothata bo behiloe boemo bo tebileng ba ho teba. Kotsi e bakoa ke netefatso e fosahetseng ea hash e sebelisitsoeng ho hokahanya barupeluoa ba bacha. Phoso e bile teng ho tloha ha 2.0.0 e lokolloa mme e ne e tsitsitsoe ho Apache OpenMeetings 7.1.0 ntjhafatso e lokollotsoeng matsatsing a 'maloa a fetileng.
Ntle le moo, likotsi tse peli tse seng kotsi haholo li kentsoe ho Apache OpenMeetings 7.1.0:
- CVE-2023-29032 - Bokhoni ba ho qoba netefatso. Mohlaseli ea tsebang lintlha tse itseng tsa bohlokoa ka mosebelisi a ka iketsa mosebelisi e mong.
- CVE-2023-29246 - Karolo e se nang mohala e ka sebelisoang ho kenya khoutu ea hau ho seva haeba o khona ho fumana ak'haonte ea motsamaisi oa OpenMeetings.
Source: opennet.ru