CVE-2017-1000221

CVE-2017-1000221

In Opencast 2.2.3 and older if user names overlap, the Opencast search service used for publication to the media modules and players will handle the access control incorrectly so that users only need to match part of the user name used for the access restriction. For example, a user with the role ROLE_USER will have access to recordings published only for ROLE_USER_X.

Source: CVE-2017-1000221

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다