EPSS
Percentile
24.8%
opencast-kernel is vulnerable to authorization bypass. The vulnerability exists as a user with the non-standard role, ROLE_COURSE_ADMIN, is able to create new users using the user-utils endpoint.
ROLE_COURSE_ADMIN
github.com/advisories/GHSA-94qw-r73x-j7hg
github.com/opencast/opencast/commit/72fad0031d8a82c860e2bde0b27570c5042320ee
github.com/opencast/opencast/security/advisories/GHSA-94qw-r73x-j7hg