Weak Cryptographic Storage and Lack of Brute Force Protection in Apache OpenMeetings 1.0.0

Weak Cryptographic Storage and Lack of Brute Force Protection in Apache OpenMeetings 1.0.0

CVE-2017-7673 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection.

Learn more about our Web Application Penetration Testing UK.