Cross-Site Scripting Vulnerability in BigBlueButton Greenlight by BigBlueButton

CVE-2020-27642

What is CVE-2020-27642?

A cross-site scripting (XSS) vulnerability is found in the 'merge account' functionality of BigBlueButton Greenlight version 2.7.6. This flaw could allow an attacker to inject malicious scripts into web pages viewed by users, potentially compromising user sessions or exposing sensitive information.

References