Vulnerabilities > Bigbluebutton > Bigbluebutton > 2.2.12
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-30 | CVE-2023-43797 | Cross-site Scripting vulnerability in Bigbluebutton BigBlueButton is an open-source virtual classroom. | 5.4 |
| 2023-10-30 | CVE-2023-43798 | Server-Side Request Forgery (SSRF) vulnerability in Bigbluebutton BigBlueButton is an open-source virtual classroom. | 5.4 |
| 2023-10-30 | CVE-2023-42803 | Unrestricted Upload of File with Dangerous Type vulnerability in Bigbluebutton BigBlueButton is an open-source virtual classroom. | 8.8 |
| 2023-10-30 | CVE-2023-42804 | Path Traversal vulnerability in Bigbluebutton BigBlueButton is an open-source virtual classroom. | 5.3 |
| 2023-06-26 | CVE-2023-33176 | Server-Side Request Forgery (SSRF) vulnerability in Bigbluebutton BigBlueButton is an open source virtual classroom designed to help teachers teach and learners learn. | 6.5 |
| 2022-12-17 | CVE-2022-23488 | Incorrect Authorization vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. | 7.5 |
| 2022-12-16 | CVE-2022-23490 | Incorrect Authorization vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. | 4.3 |
| 2022-06-24 | CVE-2022-27238 | Cross-site Scripting vulnerability in Bigbluebutton BigBlueButton version 2.4.7 (or earlier) is vulnerable to stored Cross-Site Scripting (XSS) in the private chat functionality. | 3.5 |
| 2022-06-02 | CVE-2022-29233 | Improper Authorization vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. | 5.0 |
| 2022-06-02 | CVE-2022-29234 | Improper Authorization vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. | 4.3 |