Uploaded image for project: 'Openmeetings'
  1. Openmeetings
  2. OPENMEETINGS-793

Possibility of Code Injection Vulnerability found.

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • None
    • 4.0.0
    • None
    • None
    • flash version 11.2.202.243 , mozilla firefox, linux

    Description

      Code injection vulnerability. I was using flash version 11.2.202.243 and OM hosted at http://demo.dataved.ru/openmeetings/ . there is a possibility of code injection in chat room. I was able to pass javascript code to the browser engine in mozilla firefox (linux)

      Attachments

        1. 1.png
          79 kB
          rahul bhola
        2. 2.png
          116 kB
          rahul bhola

        Activity

          People

            solomax Maxim Solodovnik
            rahul_bhola rahul bhola
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: