Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0.
{
"nvd_published_at": "2017-11-17T22:29:00Z",
"severity": "HIGH",
"cwe_ids": [
"CWE-74"
],
"github_reviewed": true,
"github_reviewed_at": "2023-07-26T21:37:20Z"
}