Arbitrary Code Execution Vulnerability in Opencast 2.3.2 and Older Versions

CVE-2017-1000217 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0.

Learn more about our Web Application Penetration Testing UK.