A vulnerability classified as problematic has been found in Apache OpenMeetings up to 9.0.x. This vulnerability affects unknown code of the component Download Handler. The manipulation leads to path traversal.
This vulnerability is listed as CVE-2026-49488. The attack may be initiated remotely. There is no available exploit.