Vulnerabilities in bigbluebutton
35 resultsCVE-2022-29169HIGHReDoS on endpoint html5client/useragent in BigBlueButtonEPSS 1.4%CVE-2022-31064MEDIUMCross site scripting in username that will trigger by sending chatEPSS 1.2%CVE-2022-29232MEDIUMExposure of messages in BigBlueButton public chatsEPSS 1.0%CVE-2022-29235MEDIUMLimited data exposure for shared external videos in BigBlueButtonEPSS 1.0%CVE-2022-29233MEDIUMImproper access control for breakout rooms in BigBlue ButtonEPSS 1.0%CVE-2021-4143HIGHCross-site Scripting (XSS) - Generic in bigbluebutton/bigbluebuttonEPSS 0.9%CVE-2022-29236MEDIUMImproper access control for pencil annotations in BigBlueButtonEPSS 0.8%CVE-2022-29234MEDIUMGrace period for lock settings in public/private chats in BigBlueButtonEPSS 0.8%CVE-2022-31065MEDIUMCross site scripting vulnerability for private chat in bigbluebuttonEPSS 0.7%CVE-2022-41962LOWBigBlueButton contains Incorrect Authorization for setting emoji statusEPSS 0.7%CVE-2022-31039MEDIUMImproper privilege management - Anyone can view room settings in GreenLightEPSS 0.6%CVE-2022-23488MEDIUMBigBlueButton vulnerable to Insertion of Sensitive Information Into Sent DataEPSS 0.6%CVE-2022-41964MEDIUMBigBlueButton contains Response leaks in anonymous pollsEPSS 0.6%CVE-2023-42803MEDIUMBigBlueButton Unrestricted File Upload vulnerabilityEPSS 0.5%CVE-2023-42804LOWBigBlueButton Path Traversal – Reading Certain File ExtensionsEPSS 0.5%CVE-2024-39302LOWSome bbb-record-core files installed with wrong file permissionEPSS 0.5%CVE-2022-23490MEDIUMImproper access control to polling votesEPSS 0.4%CVE-2025-61601HIGHBigBlueButton vulnerable to DoS via PollSubmitVote GraphQL mutationEPSS 0.4%CVE-2023-43797MEDIUMBigBlueButton Stored Cross-site Scripting vulnerability at Guest LobbyEPSS 0.4%CVE-2022-41963LOWBigBlueButton contains Improper Preservation of Permissions for whiteboardEPSS 0.4%