PT-2025-41299 · Opencast · Opencast
Lkiesow · Published 2025-10-08 · Updated 2025-10-08 · CVE-2025-61906
CVSS v3.1: 4.3 Medium
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Opencast versions prior to 17.8
Opencast versions prior to 18.2
Description
Opencast is a platform for managing educational audio and video content. In certain scenarios, prior to versions 17.8 and 18.2, the editor could publish a video without notifying the user. This could result in the accidental publication of internal media, potentially exposing it. The likelihood of this occurring is considered very low, because it requires a user with write access to an event to use the editor and specifically click "Save & Publish" before selecting "Save".
Recommendations
Update to Opencast version 17.8 or later.
Update to Opencast version 18.2 or later.
Exploit
Fix
Information Disclosure
Affected Products
Opencast