Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The sendHashByUser function in Apache OpenMeetings before 3.1.1 generates predictable password reset tokens, which makes it easier for remote attackers to reset arbitrary user passwords by leveraging knowledge of a user name and the current system time.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache OpenMeetings 安全漏洞
Vulnerability Description
Apache OpenMeetings是美国阿帕奇(Apache)软件基金会所研发的一套多语言可定制的视频会议和协作系统,它支持音频、视频并允许用户查看每个与会者的桌面等。 Apache OpenMeetings 3.1.1之前版本的‘sendHashByUser’函数存在安全漏洞,该漏洞源于程序生成可预测的密码重置令牌。远程攻击者可借助已知的用户名和当前的系统时间利用该漏洞重置任意用户密码。
CVSS Information
N/A
Vulnerability Type
N/A