Opencast-ingest-service-impl is vulnerable to authentication bypass. The vulnerability exists in addContentToRepo
function in IngestServiceImpl.java
because opencast doesn’t properly restrict users when passing URLs which allows an attacker to gain access and bypass organizational barriers.