Vulnerabilities > Bigbluebutton > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-02 CVE-2022-29233 Improper Authorization vulnerability in Bigbluebutton
BigBlueButton is an open source web conferencing system.
network
low complexity
bigbluebutton CWE-285
5.0
5.0
2022-06-02 CVE-2022-29234 Improper Authorization vulnerability in Bigbluebutton
BigBlueButton is an open source web conferencing system.
network
low complexity
bigbluebutton CWE-285
4.3
4.3
2022-06-02 CVE-2022-29235 Unspecified vulnerability in Bigbluebutton
BigBlueButton is an open source web conferencing system.
network
low complexity
bigbluebutton
5.3
5.3
2022-06-02 CVE-2022-29236 Improper Authorization vulnerability in Bigbluebutton
BigBlueButton is an open source web conferencing system.
network
low complexity
bigbluebutton CWE-285
4.3
4.3
2022-06-01 CVE-2022-29232 Information Exposure vulnerability in Bigbluebutton
BigBlueButton is an open source web conferencing system.
network
low complexity
bigbluebutton CWE-200
4.0
4.0
2022-01-19 CVE-2021-4143 Cross-site Scripting vulnerability in Bigbluebutton
Cross-site Scripting (XSS) - Generic in GitHub repository bigbluebutton/bigbluebutton prior to 2.4.0. 		4.3
4.3
2020-11-26 CVE-2020-29043 Missing Authorization vulnerability in Bigbluebutton
An issue was discovered in BigBlueButton through 2.2.29.
network
low complexity
bigbluebutton CWE-862
5.0
5.0
2020-11-26 CVE-2020-29042 Improper Restriction of Excessive Authentication Attempts vulnerability in Bigbluebutton
An issue was discovered in BigBlueButton through 2.2.29. 		4.3
4.3
2020-11-19 CVE-2020-28954 Improper Encoding or Escaping of Output vulnerability in Bigbluebutton
web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as demonstrated by accepting control characters in a user name.
network
low complexity
bigbluebutton CWE-116
5.0
5.0
2020-11-19 CVE-2020-28953 Incorrect Permission Assignment for Critical Resource vulnerability in Bigbluebutton
In BigBlueButton before 2.2.29, a user can vote more than once in a single poll.
network
low complexity
bigbluebutton CWE-732
4.0
4.0