Vulnerabilities > Bigbluebutton > Greenlight
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-27 | CVE-2022-31039 | Incorrect Authorization vulnerability in Bigbluebutton Greenlight Greenlight is a simple front-end interface for your BigBlueButton server. | 5.0 |
| 2022-06-02 | CVE-2022-26497 | Cross-site Scripting vulnerability in Bigbluebutton Greenlight 2.11.1 BigBlueButton Greenlight 2.11.1 allows XSS. | 5.4 |
| 2020-10-22 | CVE-2020-27642 | Cross-site Scripting vulnerability in Bigbluebutton Greenlight 2.7.6 A cross-site scripting (XSS) vulnerability exists in the 'merge account' functionality in admins.js in BigBlueButton Greenlight 2.7.6. | 4.3 |
| 2020-09-30 | CVE-2020-26163 | Unspecified vulnerability in Bigbluebutton Greenlight BigBlueButton Greenlight before 2.5.6 allows HTTP header (Host and Origin) attacks, which can result in Account Takeover if a victim follows a spoofed password-reset link. network bigbluebutton | 6.8 |