Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-27	CVE-2022-31065	Unspecified vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. network low complexity bigbluebutton	6.1
2022-06-24	CVE-2022-27238	Cross-site Scripting vulnerability in Bigbluebutton BigBlueButton version 2.4.7 (or earlier) is vulnerable to stored Cross-Site Scripting (XSS) in the private chat functionality. network low complexity bigbluebutton CWE-79	5.4
2022-06-02	CVE-2022-26497	Cross-site Scripting vulnerability in Bigbluebutton Greenlight 2.11.1 BigBlueButton Greenlight 2.11.1 allows XSS. network low complexity bigbluebutton CWE-79	5.4
2022-06-02	CVE-2022-29233	Unspecified vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. network low complexity bigbluebutton	4.3
2022-06-02	CVE-2022-29234	Unspecified vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. network low complexity bigbluebutton	4.3
2022-06-02	CVE-2022-29235	Unspecified vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. network low complexity bigbluebutton	5.3
2022-06-02	CVE-2022-29236	Unspecified vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. network low complexity bigbluebutton	4.3
2022-06-01	CVE-2022-29232	Unspecified vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. network low complexity bigbluebutton	6.5
2022-01-19	CVE-2021-4143	Unspecified vulnerability in Bigbluebutton Cross-site Scripting (XSS) - Generic in GitHub repository bigbluebutton/bigbluebutton prior to 2.4.0. network low complexity bigbluebutton	6.1
2020-11-19	CVE-2020-28954	Improper Encoding or Escaping of Output vulnerability in Bigbluebutton web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as demonstrated by accepting control characters in a user name. network low complexity bigbluebutton CWE-116	5.3