4Ra2N

Name of the Vulnerable Software and Affected Versions Apache OpenMeetings versions prior to 9.0.0 Description A registered user can query a web service with their credentials and retrieve metadata (id, type, name, and other fields from the `FileItemDTO` object) for files and sub-folders of any folder by ID. This is due to improper handling of insufficient privileges. Recommendations Upgrade to version 9.0.0.

Name of the Vulnerable Software and Affected Versions Apache OpenMeetings versions 6.1.0 through 9.0.0 Description A hard-coded cryptographic key is used in Apache OpenMeetings. The remember-me cookie encryption key is set to a default value in the `openmeetings.properties` file and is not automatically rotated. If the OpenMeetings administrator has not changed the default encryption key, an attacker who obtains a cookie from a logged-in user can potentially gain full user credentials. Recommendations Upgrade to version 9.0.0.

Name of the Vulnerable Software and Affected Versions Apache OpenMeetings versions 3.1.3 through 8.9.99 Description The REST login endpoint uses the HTTP GET method, transmitting the `username` and `password` as query parameters. This practice exposes sensitive credentials in server logs, browser history, and potentially through network monitoring. Recommendations Upgrade to version 9.0.0.