Opsysdebug

**Name of the Vulnerable Software and Affected Versions** Opencast versions prior to 17.7 Opencast version 18.0 **Description** Opencast is a platform for managing educational audio and video content. Insufficient protections against path traversal attacks in the UI config module could allow attackers access to files within another folder that starts with the same path. The path is checked without checking for the file separator. **Recommendations** Update to version 17.7 or later. Update to version 18.1 or later. Check for folders that start with the same path as the ui-config folder.