Vulnerabilities > Bigbluebutton > Bigbluebutton
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-29 | CVE-2020-27601 | Exposure of Resource to Wrong Sphere vulnerability in Bigbluebutton In BigBlueButton before 2.2.7, lockSettingsProps.disablePrivateChat does not apply to already opened chats. | 3.5 |
2022-09-29 | CVE-2020-27602 | Injection vulnerability in Bigbluebutton BigBlueButton before 2.2.7 does not have a protection mechanism for separator injection in meetingId, userId, and authToken. | 9.8 |
2022-06-27 | CVE-2022-31064 | Cross-site Scripting vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. | 2.1 |
2022-06-27 | CVE-2022-31065 | Cross-site Scripting vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. | 4.3 |
2022-06-24 | CVE-2022-27238 | Cross-site Scripting vulnerability in Bigbluebutton BigBlueButton version 2.4.7 (or earlier) is vulnerable to stored Cross-Site Scripting (XSS) in the private chat functionality. | 3.5 |
2022-06-02 | CVE-2022-29233 | Improper Authorization vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. | 5.0 |
2022-06-02 | CVE-2022-29234 | Improper Authorization vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. | 4.3 |
2022-06-02 | CVE-2022-29235 | Unspecified vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. | 5.3 |
2022-06-02 | CVE-2022-29236 | Improper Authorization vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. | 4.3 |
2022-06-01 | CVE-2022-29169 | Unspecified vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. | 7.5 |