Apache OpenMeetings version 3.1.0 suffers from a cross site scripting vulnerability.
7cd4363e2b99732754cd02499cfb4501e7c27fb5b0c5ad53d5bfc6fcb86f6281
Severity: Moderate
Vendor: The Apache Software Foundation
Versions Affected: Apache OpenMeetings 3.1.0
Description: The value of the URL's "swf" query parameter is
interpolated into the JavaScript tag without being escaped, leading to
the reflected XSS.
All users are recommended to upgrade to Apache OpenMeetings 3.1.2
Credit: This issue was identified by Matthew Daley
Apache OpenMeetings Team