PT-2025-35228 · Opencast · Opencast
Opsysdebug · Published 2025-08-29 · Updated 2026-01-19 · CVE-2025-55202
CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Opencast versions prior to 17.7
Opencast version 18.0
Description
Opencast is a platform for managing educational audio and video content. Insufficient protection against path traversal in the UI config module could allow attackers to access files within another folder whose path starts with the same string as the ui-config folder. The requested path is checked against that prefix without also checking for the file separator.
Recommendations
Update to version 17.7 or later.
Update to version 18.1 or later.
Check for folders that start with the same path as the ui-config folder.
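The prefix check described above, next to a separator-aware check and an audit for the last recommendation, as an added example. This is not Opencast's code: the class, method names and the temporary directory layout are hypothetical and constructed for illustration.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;

// Added illustration; all names here are hypothetical, not taken from Opencast.
public class UiConfigPathCheck {

  // Weak: plain string comparison with no separator check, so a path under
  // "<base>-backup" also "starts with" "<base>".
  static boolean weakCheck(Path base, String requested) {
    Path resolved = base.resolve(requested).normalize();
    return resolved.toString().startsWith(base.toString());
  }

  // Hardened: Path.startsWith compares whole name elements, so the match
  // has to end on a separator boundary.
  static boolean strictCheck(Path base, String requested) {
    Path resolved = base.resolve(requested).normalize();
    return resolved.startsWith(base);
  }

  // Audit: sibling folders whose name begins with the base folder's name.
  static List<Path> siblingsSharingPrefix(Path base) throws IOException {
    String name = base.getFileName().toString();
    try (Stream<Path> entries = Files.list(base.getParent())) {
      return entries.filter(Files::isDirectory)
          .filter(p -> !p.equals(base))
          .filter(p -> p.getFileName().toString().startsWith(name))
          .collect(Collectors.toList());
    }
  }

  public static void main(String[] args) throws IOException {
    // Constructed layout: <tmp>/ui-config and <tmp>/ui-config-backup.
    Path root = Files.createTempDirectory("prefix-demo").toRealPath();
    Path base = Files.createDirectory(root.resolve("ui-config"));
    Files.createDirectory(root.resolve("ui-config-backup"));
    String inside = "org/player.json";                    // constructed sample
    String sibling = "../ui-config-backup/settings.json"; // constructed sample
    System.out.println("weak   inside:  " + weakCheck(base, inside));
    System.out.println("weak   sibling: " + weakCheck(base, sibling));
    System.out.println("strict inside:  " + strictCheck(base, inside));
    System.out.println("strict sibling: " + strictCheck(base, sibling));
    System.out.println("siblings to review: " + siblingsSharingPrefix(base));
  }
}
```

Only the weak check accepts the sibling path; the audit method lists the folders that such a check would expose on a host that has not yet been updated.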
Exploit
Fix
Relative Path Traversal
Affected Products
Opencast