Filters
Bigbluebutton BigbluebuttonBigBlueButton Blind SSRF When Uploading Presentation (mitigation bypass)
5.6
First published (updated )
Bigbluebutton BigbluebuttonBigBlueButton Stored Cross-site Scripting vulnerability at Guest Lobby
6.3
First published (updated )
Bigbluebutton BigbluebuttonBigBlueButton Path Traversal – Reading Certain File Extensions
5.3
First published (updated )
Bigbluebutton BigbluebuttonBigBlueButton Unrestricted File Upload vulnerability
8.8
First published (updated )
Bigbluebutton BigbluebuttonBlind SSRF When Uploading Presentation in BigBlueButton
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Bigbluebutton BigbluebuttonBigBlueButton vulnerable to Insertion of Sensitive Information Into Sent Data
7.5
First published (updated )
Bigbluebutton BigbluebuttonImproper access control to polling votes
4.3
First published (updated )
Bigbluebutton BigbluebuttonBigBlueButton contains Response leaks in anonymous polls
5.7
First published (updated )
Bigbluebutton BigbluebuttonBigBlueButton contains Improper Preservation of Permissions for whiteboard
3.1
First published (updated )
Bigbluebutton BigbluebuttonBigBlueButton contains Incorrect Authorization for setting emoji status
2.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Bigbluebutton BigbluebuttonBigBlueButton subject to Ineffective user bans
4.3
First published (updated )
Bigbluebutton BigbluebuttonBigBlueButton contains DoS via failed authToken validation
4.3
First published (updated )
Bigbluebutton BigbluebuttonCross site scripting in username that will trigger by sending chat
6.5
First published (updated )
Bigbluebutton BigbluebuttonCross site scripting vulnerability for private chat in bigbluebutton
6.5
First published (updated )
BigBlueButton GreenlightImproper privilege management - Anyone can view room settings in GreenLight
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Bigbluebutton BigbluebuttonLimited data exposure for shared external videos in BigBlueButton
5.3
First published (updated )
Bigbluebutton BigbluebuttonImproper access control for pencil annotations in BigBlueButton
4.3
First published (updated )
Bigbluebutton BigbluebuttonGrace period for lock settings in public/private chats in BigBlueButton
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Bigbluebutton BigbluebuttonImproper access control for breakout rooms in BigBlue Button
First published (updated )
Bigbluebutton BigbluebuttonExposure of messages in BigBlueButton public chats
6.5
First published (updated )
Bigbluebutton BigbluebuttonReDoS on endpoint html5client/useragent in BigBlueButton
7.5
First published (updated )
Bigbluebutton BigbluebuttonCross-site Scripting (XSS) - Generic in bigbluebutton/bigbluebutton
8.1
First published (updated )
Bigbluebutton BigbluebuttonAn issue was discovered in BigBlueButton through 2.2.29. A brute-force attack may occur because an u…
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Bigbluebutton BigbluebuttonIn BigBlueButton before 2.2.29, a user can vote more than once in a single poll.
4.3
First published (updated )
Bigbluebutton Bigbluebuttonweb/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitiza…
5.3
First published (updated )
Bigbluebutton BigbluebuttonIn BigBlueButton before 2.2.7, lockSettingsProps.disablePrivateChat does not apply to already opened…
3.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Bigbluebutton BigbluebuttonBigBlueButton before 2.2.27 has an unsafe JODConverter setting in which LibreOffice document convers…
7.5
First published (updated )
Bigbluebutton BigbluebuttonBigBlueButton before 2.3 does not implement LibreOffice sandboxing. This might make it easier for re…
6.5
First published (updated )
Bigbluebutton BigbluebuttonBigBlueButton through 2.2.28 uses Ghostscript for processing of uploaded EPS documents, and conseque…
9.8
First published (updated )
Bigbluebutton BigbluebuttonIn BigBlueButton before 2.2.28 (or earlier), the client-side Mute button only signifies that the ser…
6.5
First published (updated )
Bigbluebutton BigbluebuttonBigBlueButton through 2.2.28 records a video meeting despite the deactivation of video recording in …
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Bigbluebutton BigbluebuttonBigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an uni…
7.5
First published (updated )
Bigbluebutton BigbluebuttonThe installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the FreeSWITC…
8.4
First published (updated )
Bigbluebutton BigbluebuttonThe installation procedure in BigBlueButton before 2.2.28 (or earlier) exposes certain network servi…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Bigbluebutton BigbluebuttonBigBlueButton before 2.2.28 (or earlier) does not set the secure flag for the session cookie in an h…
5.3
First published (updated )
Bigbluebutton BigbluebuttonBigBlueButton before 2.2.7 does not have a protection mechanism for separator injection in meetingId…
9.8
First published (updated )
BigBlueButton GreenlightBigBlueButton Greenlight before 2.5.6 allows HTTP header (Host and Origin) attacks, which can result…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.