CVE-2026-34020— Apache OpenMeetings 安全漏洞

Apache OpenMeetings: Login Credentials Passed via GET Query Parameters

Use of GET Request Method With Sensitive Query Strings vulnerability in Apache OpenMeetings. The REST login endpoint uses HTTP GET method with username and password passed as query parameters. Please check references regarding possible impact This issue affects Apache OpenMeetings: from 3.1.3 before 9.0.0. Users are recommended to upgrade to version 9.0.0, which fixes the issue.

N/A

通过GET请求中的查询字符串导致的信息暴露

Apache OpenMeetings 安全漏洞

Apache OpenMeetings是美国阿帕奇（Apache）基金会的一套多语言可定制的视频会议和协作系统。该产品支持音频、视频并允许用户查看每个与会者的桌面等。 Apache OpenMeetings 3.1.3至9.0.0之前版本存在安全漏洞，该漏洞源于使用GET请求方法传递敏感查询字符串，可能导致信息泄露。

N/A

N/A