bigbluebutton Summary
Latest vulnerabilities published by bigbluebutton
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Denial-of-Service Vulnerability in BigBlueButton Open-Source Virtual Classroom
CVE-2025-61602BigbluebuttonBigbluebutton7.5HIGHDenial of Service Vulnerability in BigBlueButton by Blindside Networks
CVE-2025-61601BigbluebuttonBigbluebutton7.5HIGHStored Cross-Site Scripting Vulnerability in BigBlueButton's Shared Notes Feature
CVE-2025-55200BigbluebuttonBigbluebutton7.1HIGHAttacker May Exploit Overly Elevated File Permissions in BigBlueButton to Pose Privilege Escalation Risk
CVE-2024-39302BigbluebuttonBigbluebutton3.7LOWAttacker can trick BigBlueButton into generating a signed join link with additional parameters, allowing them to join a meeting as moderator
CVE-2024-38518BigbluebuttonBigbluebutton4.6MEDIUMGreenlight BigBlueButton Servers Vulnerable to Open Redirect
CVE-2022-36029BigbluebuttonGreenlight6.1MEDIUMGreenlight BigBlueButton Servers Vulnerable to Open Redirect
CVE-2022-36028BigbluebuttonGreenlight6.1MEDIUMBigBlueButton Stored Cross-site Scripting vulnerability at Guest Lobby
CVE-2023-43797BigbluebuttonBigbluebutton6.3MEDIUMBigBlueButton Blind SSRF When Uploading Presentation (mitigation bypass)
CVE-2023-43798BigbluebuttonBigbluebutton5.6MEDIUMBigBlueButton Unrestricted File Upload vulnerability
CVE-2023-42803BigbluebuttonBigbluebutton5.3MEDIUMBigBlueButton Path Traversal β Reading Certain File Extensions
CVE-2023-42804BigbluebuttonBigbluebutton3.1LOWBlind SSRF When Uploading Presentation in BigBlueButton
CVE-2023-33176BigbluebuttonBigbluebutton4.8MEDIUMBigBlueButton vulnerable to Insertion of Sensitive Information Into Sent Data
CVE-2022-23488BigbluebuttonBigbluebutton6.5MEDIUMImproper access control to polling votes
CVE-2022-23490BigbluebuttonBigbluebutton4.3MEDIUMBigBlueButton contains Response leaks in anonymous polls
CVE-2022-41964BigbluebuttonBigbluebutton5.7MEDIUMBigBlueButton contains Improper Preservation of Permissions for whiteboard
CVE-2022-41963BigbluebuttonBigbluebutton2.7LOWBigBlueButton contains Incorrect Authorization for setting emoji status
CVE-2022-41962BigbluebuttonBigbluebutton2.7LOWBigBlueButton subject to Ineffective user bans
CVE-2022-41961BigbluebuttonBigbluebutton4.3MEDIUMBigBlueButton contains DoS via failed authToken validation
CVE-2022-41960BigbluebuttonBigbluebutton4.3MEDIUMChat Privacy Bypass in BigBlueButton Web Conferencing Software
CVE-2020-27601BigbluebuttonBigbluebutton3.5LOWSeparator Injection Vulnerability in BigBlueButton by BigBlueButton Inc.
CVE-2020-27602BigbluebuttonBigbluebutton9.8CRITICALCross site scripting in username that will trigger by sending chat
CVE-2022-31064BigbluebuttonBigbluebutton6.5MEDIUMCross site scripting vulnerability for private chat in bigbluebutton
CVE-2022-31065BigbluebuttonBigbluebutton6.5MEDIUMImproper privilege management - Anyone can view room settings in GreenLight
CVE-2022-31039BigbluebuttonGreenlight4.3MEDIUMStored Cross-Site Scripting Vulnerability in BigBlueButton by Blindside Networks
CVE-2022-27238BigbluebuttonBigbluebutton5.4MEDIUM