Search criteria
148 vulnerabilities found for bigbluebutton by bigbluebutton
CVE-2026-27736 (GCVE-0-2026-27736)
Vulnerability from nvd – Published: 2026-02-25 16:27 – Updated: 2026-02-26 21:33
VLAI?
Title
BigBlueButton has Open Redirect vulnerability in ApiController
Summary
BigBlueButton is an open-source virtual classroom. In versions on the 3.x branch prior to 3.0.20, the string received with errorRedirectUrl lacks validation, using it directly in the respondWithRedirect function leads to an Open Redirect vulnerability. BigBlueButton 3.0.20 patches the issue. No known workarounds are available.
Severity ?
6.1 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
>= 3.0.0, < 3.0.20
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27736",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T21:07:12.375891Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T21:33:41.504Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.0.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. In versions on the 3.x branch prior to 3.0.20, the string received with errorRedirectUrl lacks validation, using it directly in the respondWithRedirect function leads to an Open Redirect vulnerability. BigBlueButton 3.0.20 patches the issue. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T16:27:01.507Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-65cv-rg9f-qqrx",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-65cv-rg9f-qqrx"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/691f92f3af0d6b796b91cb968977068663119812",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/691f92f3af0d6b796b91cb968977068663119812"
}
],
"source": {
"advisory": "GHSA-65cv-rg9f-qqrx",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton has Open Redirect vulnerability in ApiController"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-27736",
"datePublished": "2026-02-25T16:27:01.507Z",
"dateReserved": "2026-02-23T18:37:14.790Z",
"dateUpdated": "2026-02-26T21:33:41.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27467 (GCVE-0-2026-27467)
Vulnerability from nvd – Published: 2026-02-21 07:18 – Updated: 2026-02-24 18:49
VLAI?
Title
BigBlueButton: Audio from participants to the server initially unmuted
Summary
BigBlueButton is an open-source virtual classroom. In versions 3.0.19 and below, when first joining a session with the microphone muted, the client sends audio to the server regardless of mute state. Media is discarded at the server side, so it isn't audible to any participants, but this may allow for malicious server operators to access audio data. The behavior is only incorrect between joining the meeting and the first time the user unmutes. This issue has been fixed in version 3.0.20.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 3.0.20
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-24T18:48:55.387593Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T18:49:12.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. In versions 3.0.19 and below, when first joining a session with the microphone muted, the client sends audio to the server regardless of mute state. Media is discarded at the server side, so it isn\u0027t audible to any participants, but this may allow for malicious server operators to access audio data. The behavior is only incorrect between joining the meeting and the first time the user unmutes. This issue has been fixed in version 3.0.20."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-21T07:18:26.156Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-6gj9-5rhm-68j8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-6gj9-5rhm-68j8"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/3aa47832bc2b17178799bd932453c226e8f95703",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/3aa47832bc2b17178799bd932453c226e8f95703"
}
],
"source": {
"advisory": "GHSA-6gj9-5rhm-68j8",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton: Audio from participants to the server initially unmuted"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-27467",
"datePublished": "2026-02-21T07:18:26.156Z",
"dateReserved": "2026-02-19T17:25:31.101Z",
"dateUpdated": "2026-02-24T18:49:12.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27466 (GCVE-0-2026-27466)
Vulnerability from nvd – Published: 2026-02-21 07:14 – Updated: 2026-02-24 18:48
VLAI?
Title
BigBlueButton: Exposed ClamAV port enables Denial of Service
Summary
BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both ports (3310 and 7357) to the internet. A remote attacker can use this to send complex or large documents to clamd and waste server resources, or shutdown the clamd process. The clamd documentation explicitly warns about exposing this port. Enabling ufw (ubuntu firewall) during install does not help, because Docker routes container traffic through the nat table, which is not managed or restricted by ufw. Rules installed by ufw in the filter table have no effect on docker traffic. In addition, the provided example also mounts /var/bigbluebutton with write permissions into the container, which should not be required. Future vulnerabilities in clamd may allow attackers to manipulate files in that folder. Users are unaffected unless they have opted in to follow the extra instructions from BigBlueButton's documentation. This issue has been fixed in version 3.0.22.
Severity ?
7.2 (High)
CWE
- CWE-668 - Exposure of Resource to Wrong Sphere
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 3.0.22
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27466",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-24T18:47:59.043540Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T18:48:15.788Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for \"Server Customization\" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both ports (3310 and 7357) to the internet. A remote attacker can use this to send complex or large documents to clamd and waste server resources, or shutdown the clamd process. The clamd documentation explicitly warns about exposing this port. Enabling ufw (ubuntu firewall) during install does not help, because Docker routes container traffic through the nat table, which is not managed or restricted by ufw. Rules installed by ufw in the filter table have no effect on docker traffic. In addition, the provided example also mounts /var/bigbluebutton with write permissions into the container, which should not be required. Future vulnerabilities in clamd may allow attackers to manipulate files in that folder. Users are unaffected unless they have opted in to follow the extra instructions from BigBlueButton\u0027s documentation. This issue has been fixed in version 3.0.22."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-668",
"description": "CWE-668: Exposure of Resource to Wrong Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-21T07:14:49.851Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-wmhx-qw2p-w6gc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-wmhx-qw2p-w6gc"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/f3d33d94a9682e87c7d41f55700b19d61e1ab8b4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/f3d33d94a9682e87c7d41f55700b19d61e1ab8b4"
}
],
"source": {
"advisory": "GHSA-wmhx-qw2p-w6gc",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton: Exposed ClamAV port enables Denial of Service"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-27466",
"datePublished": "2026-02-21T07:14:49.851Z",
"dateReserved": "2026-02-19T17:25:31.101Z",
"dateUpdated": "2026-02-24T18:48:15.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-61602 (GCVE-0-2025-61602)
Vulnerability from nvd – Published: 2025-10-09 20:40 – Updated: 2025-10-10 14:30
VLAI?
Title
BigBlueButton vulnerable to Chat DoS via invalid reactionEmojiId
Summary
BigBlueButton is an open-source virtual classroom. A denial-of-service (DoS) vulnerability in versions prior to 3.0.13 allows any authenticated user to crash the chat functionality for all participants in a meeting by sending a malformed `reactionEmojiId` in the GraphQL mutation `chatSendMessageReaction`. Version 3.0.13 contains a patch. No known workarounds are available.
Severity ?
7.5 (High)
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 3.0.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61602",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-10T14:30:47.957269Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-10T14:30:50.944Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-45j2-m26c-3pcm"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. A denial-of-service (DoS) vulnerability in versions prior to 3.0.13 allows any authenticated user to crash the chat functionality for all participants in a meeting by sending a malformed `reactionEmojiId` in the GraphQL mutation `chatSendMessageReaction`. Version 3.0.13 contains a patch. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T20:40:04.658Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-45j2-m26c-3pcm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-45j2-m26c-3pcm"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/23651",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/23651"
}
],
"source": {
"advisory": "GHSA-45j2-m26c-3pcm",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton vulnerable to Chat DoS via invalid reactionEmojiId"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-61602",
"datePublished": "2025-10-09T20:40:04.658Z",
"dateReserved": "2025-09-26T16:25:25.151Z",
"dateUpdated": "2025-10-10T14:30:50.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-61601 (GCVE-0-2025-61601)
Vulnerability from nvd – Published: 2025-10-09 20:29 – Updated: 2025-10-15 19:47
VLAI?
Title
BigBlueButton vulnerable to DoS via PollSubmitVote GraphQL mutation
Summary
BigBlueButton is an open-source virtual classroom. A Denial of Service (DoS) vulnerability in versions prior to 3.0.13 allows any authenticated user to freeze or crash the entire server by abusing the polling feature's `Choices` response type. By submitting a malicious payload with a massive array in the `answerIds` field, the attacker can cause the current meeting — and potentially all meetings on the server — to become unresponsive. Version 3.0.13 contains a patch. No known workarounds are available.
Severity ?
7.5 (High)
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 3.0.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61601",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T19:47:11.105155Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T19:47:14.421Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-73j3-v3fq-fqx5"
},
{
"tags": [
"exploit"
],
"url": "https://www.youtube.com/watch?v=BwROSVIYjOY"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. A Denial of Service (DoS) vulnerability in versions prior to 3.0.13 allows any authenticated user to freeze or crash the entire server by abusing the polling feature\u0027s `Choices` response type. By submitting a malicious payload with a massive array in the `answerIds` field, the attacker can cause the current meeting \u2014 and potentially all meetings on the server \u2014 to become unresponsive. Version 3.0.13 contains a patch. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T20:29:25.006Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-73j3-v3fq-fqx5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-73j3-v3fq-fqx5"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/23662",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/23662"
},
{
"name": "https://www.youtube.com/watch?v=BwROSVIYjOY",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.youtube.com/watch?v=BwROSVIYjOY"
}
],
"source": {
"advisory": "GHSA-73j3-v3fq-fqx5",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton vulnerable to DoS via PollSubmitVote GraphQL mutation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-61601",
"datePublished": "2025-10-09T20:29:25.006Z",
"dateReserved": "2025-09-26T16:25:25.151Z",
"dateUpdated": "2025-10-15T19:47:14.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-55200 (GCVE-0-2025-55200)
Vulnerability from nvd – Published: 2025-10-09 18:51 – Updated: 2025-10-09 19:08
VLAI?
Title
BigBlueButton vulnerable to Stored XSS via name of user at Shared Notes
Summary
BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the "Shared Notes" feature contains a Stored Cross-Site Scripting (XSS) vulnerability with the input location being the "Username" field and the output location on the "Shared Notes" page, when a user with a malicious username is editing content. This vulnerability allows a low-privileged user to execute arbitrary JavaScript in the context of higher-privileged users (e.g., Admins) who open the Shared Notes page. Version 3.0.13 fixes the issue.
Severity ?
7.1 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 3.0.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-55200",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-09T19:08:12.867816Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T19:08:17.415Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the \"Shared Notes\" feature contains a Stored Cross-Site Scripting (XSS) vulnerability with the input location being the \"Username\" field and the output location on the \"Shared Notes\" page, when a user with a malicious username is editing content. This vulnerability allows a low-privileged user to execute arbitrary JavaScript in the context of higher-privileged users (e.g., Admins) who open the Shared Notes page. Version 3.0.13 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T18:51:57.884Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-9jv9-cjrm-grj2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-9jv9-cjrm-grj2"
},
{
"name": "https://github.com/bigbluebutton/bbb-pads/pull/67",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bbb-pads/pull/67"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/23693",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/23693"
},
{
"name": "https://github.com/bigbluebutton/bbb-pads/releases/tag/v1.5.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bbb-pads/releases/tag/v1.5.4"
}
],
"source": {
"advisory": "GHSA-9jv9-cjrm-grj2",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton vulnerable to Stored XSS via name of user at Shared Notes"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-55200",
"datePublished": "2025-10-09T18:51:57.884Z",
"dateReserved": "2025-08-08T21:55:07.965Z",
"dateUpdated": "2025-10-09T19:08:17.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39302 (GCVE-0-2024-39302)
Vulnerability from nvd – Published: 2024-06-28 20:51 – Updated: 2024-08-02 04:19
VLAI?
Title
Some bbb-record-core files installed with wrong file permission
Summary
BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the `/usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0` directory with the goal of privilege escalation, potentially exposing sensitive information on the server. This issue has been patched in version(s) 2.6.18, 2.7.8 and 3.0.0-alpha.7.
Severity ?
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 2.6.18
Affected: >= 2.7.0, < 2.7.8 Affected: >= 2.8.0, < 3.0.0-alpha.7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39302",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T20:23:04.572464Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T21:23:02.505Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:19:20.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-5966-9hw8-q96q",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-5966-9hw8-q96q"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/04e916798b6b1f53f88513df3168f009b57b8f18",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/04e916798b6b1f53f88513df3168f009b57b8f18"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/b9a46197ed924783f06a24381e923b3329b9c91a",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/b9a46197ed924783f06a24381e923b3329b9c91a"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/f4502e4927609374f5356f824f5dac0101f9976a",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/f4502e4927609374f5356f824f5dac0101f9976a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 2.6.18"
},
{
"status": "affected",
"version": "\u003e= 2.7.0, \u003c 2.7.8"
},
{
"status": "affected",
"version": "\u003e= 2.8.0, \u003c 3.0.0-alpha.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the `/usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0` directory with the goal of privilege escalation, potentially exposing sensitive information on the server. This issue has been patched in version(s) 2.6.18, 2.7.8 and 3.0.0-alpha.7.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T20:51:59.312Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-5966-9hw8-q96q",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-5966-9hw8-q96q"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/04e916798b6b1f53f88513df3168f009b57b8f18",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/04e916798b6b1f53f88513df3168f009b57b8f18"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/b9a46197ed924783f06a24381e923b3329b9c91a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/b9a46197ed924783f06a24381e923b3329b9c91a"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/f4502e4927609374f5356f824f5dac0101f9976a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/f4502e4927609374f5356f824f5dac0101f9976a"
}
],
"source": {
"advisory": "GHSA-5966-9hw8-q96q",
"discovery": "UNKNOWN"
},
"title": "Some bbb-record-core files installed with wrong file permission"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-39302",
"datePublished": "2024-06-28T20:51:59.312Z",
"dateReserved": "2024-06-21T18:15:22.257Z",
"dateUpdated": "2024-08-02T04:19:20.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38518 (GCVE-0-2024-38518)
Vulnerability from nvd – Published: 2024-06-28 20:25 – Updated: 2024-08-02 04:12
VLAI?
Title
bbb-web API additional parameters considered
Summary
BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker with a valid join link to a meeting can trick BigBlueButton into generating a signed join link with additional parameters. One of those parameters may be "role=moderator", allowing an attacker to join a meeting as moderator using a join link that was originally created for viewer access. This vulnerability has been patched in version(s) 2.6.18, 2.7.8 and 3.0.0-alpha.7.
Severity ?
4.6 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 2.6.18
Affected: >= 2.7.0, < 2.7.8 Affected: >= 2.8.0, < 3.0.0-alpha.7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38518",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T19:57:25.410885Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T15:44:56.030Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-4m48-49h7-f3c4",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-4m48-49h7-f3c4"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/20279",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/20279"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/a9d436accdcd26ea66bed9f391488ac128cd62d1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/a9d436accdcd26ea66bed9f391488ac128cd62d1"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/ea6e9461dceae8fa593543d8c686f77bb8677e72",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/ea6e9461dceae8fa593543d8c686f77bb8677e72"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 2.6.18"
},
{
"status": "affected",
"version": "\u003e= 2.7.0, \u003c 2.7.8"
},
{
"status": "affected",
"version": "\u003e= 2.8.0, \u003c 3.0.0-alpha.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker with a valid join link to a meeting can trick BigBlueButton into generating a signed join link with additional parameters. One of those parameters may be \"role=moderator\", allowing an attacker to join a meeting as moderator using a join link that was originally created for viewer access. This vulnerability has been patched in version(s) 2.6.18, 2.7.8 and 3.0.0-alpha.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T20:25:40.743Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-4m48-49h7-f3c4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-4m48-49h7-f3c4"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/20279",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/20279"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/a9d436accdcd26ea66bed9f391488ac128cd62d1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/a9d436accdcd26ea66bed9f391488ac128cd62d1"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/ea6e9461dceae8fa593543d8c686f77bb8677e72",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/ea6e9461dceae8fa593543d8c686f77bb8677e72"
}
],
"source": {
"advisory": "GHSA-4m48-49h7-f3c4",
"discovery": "UNKNOWN"
},
"title": "bbb-web API additional parameters considered"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-38518",
"datePublished": "2024-06-28T20:25:40.743Z",
"dateReserved": "2024-06-18T16:37:02.727Z",
"dateUpdated": "2024-08-02T04:12:25.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43798 (GCVE-0-2023-43798)
Vulnerability from nvd – Published: 2023-10-30 22:24 – Updated: 2024-09-05 20:19
VLAI?
Title
BigBlueButton Blind SSRF When Uploading Presentation (mitigation bypass)
Summary
BigBlueButton is an open-source virtual classroom. BigBlueButton prior to versions 2.6.12 and 2.7.0-rc.1 is vulnerable to Server-Side Request Forgery (SSRF). This issue is a bypass of CVE-2023-33176. A patch in versions 2.6.12 and 2.7.0-rc.1 disabled follow redirect at `httpclient.execute` since the software no longer has to follow it when using `finalUrl`. There are no known workarounds. We recommend upgrading to a patched version of BigBlueButton.
Severity ?
5.6 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 2.6.12
Affected: >= 2.7.0-alpha.1, < 2.7.0-rc.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:52:11.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-h98v-2h8w-99c4",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-h98v-2h8w-99c4"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3q22-hph2-cff7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3q22-hph2-cff7"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/18494",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18494"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/18580",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18580"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43798",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T20:19:07.980053Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T20:19:17.331Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 2.6.12"
},
{
"status": "affected",
"version": "\u003e= 2.7.0-alpha.1, \u003c 2.7.0-rc.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. BigBlueButton prior to versions 2.6.12 and 2.7.0-rc.1 is vulnerable to Server-Side Request Forgery (SSRF). This issue is a bypass of CVE-2023-33176. A patch in versions 2.6.12 and 2.7.0-rc.1 disabled follow redirect at `httpclient.execute` since the software no longer has to follow it when using `finalUrl`. There are no known workarounds. We recommend upgrading to a patched version of BigBlueButton."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-30T22:24:59.109Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-h98v-2h8w-99c4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-h98v-2h8w-99c4"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3q22-hph2-cff7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3q22-hph2-cff7"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/18494",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18494"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/18580",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18580"
}
],
"source": {
"advisory": "GHSA-h98v-2h8w-99c4",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton Blind SSRF When Uploading Presentation (mitigation bypass)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-43798",
"datePublished": "2023-10-30T22:24:59.109Z",
"dateReserved": "2023-09-22T14:51:42.340Z",
"dateUpdated": "2024-09-05T20:19:17.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43797 (GCVE-0-2023-43797)
Vulnerability from nvd – Published: 2023-10-30 22:18 – Updated: 2024-09-05 20:20
VLAI?
Title
BigBlueButton Stored Cross-site Scripting vulnerability at Guest Lobby
Summary
BigBlueButton is an open-source virtual classroom. Prior to versions 2.6.11 and 2.7.0-beta.3, Guest Lobby was vulnerable to cross-site scripting when users wait to enter the meeting due to inserting unsanitized messages to the element using unsafe innerHTML. Text sanitizing was added for lobby messages starting in versions 2.6.11 and 2.7.0-beta.3. There are no known workarounds.
Severity ?
6.3 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 2.6.11
Affected: >= 2.7.0-alpha.1, < 2.7.0-beta.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:52:11.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-v6wg-q866-h73x",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-v6wg-q866-h73x"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/18392",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18392"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/304bc851a00558f99a908880f4ac44234a074c9d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/304bc851a00558f99a908880f4ac44234a074c9d"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43797",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T20:19:44.962386Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T20:20:01.467Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 2.6.11"
},
{
"status": "affected",
"version": "\u003e= 2.7.0-alpha.1, \u003c 2.7.0-beta.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. Prior to versions 2.6.11 and 2.7.0-beta.3, Guest Lobby was vulnerable to cross-site scripting when users wait to enter the meeting due to inserting unsanitized messages to the element using unsafe innerHTML. Text sanitizing was added for lobby messages starting in versions 2.6.11 and 2.7.0-beta.3. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-30T22:22:40.879Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-v6wg-q866-h73x",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-v6wg-q866-h73x"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/18392",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18392"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/304bc851a00558f99a908880f4ac44234a074c9d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/304bc851a00558f99a908880f4ac44234a074c9d"
}
],
"source": {
"advisory": "GHSA-v6wg-q866-h73x",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton Stored Cross-site Scripting vulnerability at Guest Lobby"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-43797",
"datePublished": "2023-10-30T22:18:11.821Z",
"dateReserved": "2023-09-22T14:51:42.339Z",
"dateUpdated": "2024-09-05T20:20:01.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-42804 (GCVE-0-2023-42804)
Vulnerability from nvd – Published: 2023-10-30 18:14 – Updated: 2024-09-05 20:23
VLAI?
Title
BigBlueButton Path Traversal – Reading Certain File Extensions
Summary
BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.1 has a path traversal vulnerability that allows an attacker with a valid starting folder path, to traverse and read other files without authentication, assuming the files have certain extensions (txt, swf, svg, png). In version 2.6.0-beta.1, input validation was added on the parameters being passed and dangerous characters are stripped. There are no known workarounds.
Severity ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 2.6.0-beta.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.724Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3qjg-229m-vq84",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3qjg-229m-vq84"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/15960",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15960"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42804",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T20:22:39.156360Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T20:23:14.540Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 2.6.0-beta.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.1 has a path traversal vulnerability that allows an attacker with a valid starting folder path, to traverse and read other files without authentication, assuming the files have certain extensions (txt, swf, svg, png). In version 2.6.0-beta.1, input validation was added on the parameters being passed and dangerous characters are stripped. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-30T18:14:41.419Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3qjg-229m-vq84",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3qjg-229m-vq84"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/15960",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15960"
}
],
"source": {
"advisory": "GHSA-3qjg-229m-vq84",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton Path Traversal \u2013 Reading Certain File Extensions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-42804",
"datePublished": "2023-10-30T18:14:41.419Z",
"dateReserved": "2023-09-14T16:13:33.306Z",
"dateUpdated": "2024-09-05T20:23:14.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-27736 (GCVE-0-2026-27736)
Vulnerability from cvelistv5 – Published: 2026-02-25 16:27 – Updated: 2026-02-26 21:33
VLAI?
Title
BigBlueButton has Open Redirect vulnerability in ApiController
Summary
BigBlueButton is an open-source virtual classroom. In versions on the 3.x branch prior to 3.0.20, the string received with errorRedirectUrl lacks validation, using it directly in the respondWithRedirect function leads to an Open Redirect vulnerability. BigBlueButton 3.0.20 patches the issue. No known workarounds are available.
Severity ?
6.1 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
>= 3.0.0, < 3.0.20
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27736",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T21:07:12.375891Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T21:33:41.504Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.0.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. In versions on the 3.x branch prior to 3.0.20, the string received with errorRedirectUrl lacks validation, using it directly in the respondWithRedirect function leads to an Open Redirect vulnerability. BigBlueButton 3.0.20 patches the issue. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T16:27:01.507Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-65cv-rg9f-qqrx",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-65cv-rg9f-qqrx"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/691f92f3af0d6b796b91cb968977068663119812",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/691f92f3af0d6b796b91cb968977068663119812"
}
],
"source": {
"advisory": "GHSA-65cv-rg9f-qqrx",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton has Open Redirect vulnerability in ApiController"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-27736",
"datePublished": "2026-02-25T16:27:01.507Z",
"dateReserved": "2026-02-23T18:37:14.790Z",
"dateUpdated": "2026-02-26T21:33:41.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27467 (GCVE-0-2026-27467)
Vulnerability from cvelistv5 – Published: 2026-02-21 07:18 – Updated: 2026-02-24 18:49
VLAI?
Title
BigBlueButton: Audio from participants to the server initially unmuted
Summary
BigBlueButton is an open-source virtual classroom. In versions 3.0.19 and below, when first joining a session with the microphone muted, the client sends audio to the server regardless of mute state. Media is discarded at the server side, so it isn't audible to any participants, but this may allow for malicious server operators to access audio data. The behavior is only incorrect between joining the meeting and the first time the user unmutes. This issue has been fixed in version 3.0.20.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 3.0.20
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-24T18:48:55.387593Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T18:49:12.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. In versions 3.0.19 and below, when first joining a session with the microphone muted, the client sends audio to the server regardless of mute state. Media is discarded at the server side, so it isn\u0027t audible to any participants, but this may allow for malicious server operators to access audio data. The behavior is only incorrect between joining the meeting and the first time the user unmutes. This issue has been fixed in version 3.0.20."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-21T07:18:26.156Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-6gj9-5rhm-68j8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-6gj9-5rhm-68j8"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/3aa47832bc2b17178799bd932453c226e8f95703",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/3aa47832bc2b17178799bd932453c226e8f95703"
}
],
"source": {
"advisory": "GHSA-6gj9-5rhm-68j8",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton: Audio from participants to the server initially unmuted"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-27467",
"datePublished": "2026-02-21T07:18:26.156Z",
"dateReserved": "2026-02-19T17:25:31.101Z",
"dateUpdated": "2026-02-24T18:49:12.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27466 (GCVE-0-2026-27466)
Vulnerability from cvelistv5 – Published: 2026-02-21 07:14 – Updated: 2026-02-24 18:48
VLAI?
Title
BigBlueButton: Exposed ClamAV port enables Denial of Service
Summary
BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both ports (3310 and 7357) to the internet. A remote attacker can use this to send complex or large documents to clamd and waste server resources, or shutdown the clamd process. The clamd documentation explicitly warns about exposing this port. Enabling ufw (ubuntu firewall) during install does not help, because Docker routes container traffic through the nat table, which is not managed or restricted by ufw. Rules installed by ufw in the filter table have no effect on docker traffic. In addition, the provided example also mounts /var/bigbluebutton with write permissions into the container, which should not be required. Future vulnerabilities in clamd may allow attackers to manipulate files in that folder. Users are unaffected unless they have opted in to follow the extra instructions from BigBlueButton's documentation. This issue has been fixed in version 3.0.22.
Severity ?
7.2 (High)
CWE
- CWE-668 - Exposure of Resource to Wrong Sphere
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 3.0.22
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27466",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-24T18:47:59.043540Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T18:48:15.788Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for \"Server Customization\" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both ports (3310 and 7357) to the internet. A remote attacker can use this to send complex or large documents to clamd and waste server resources, or shutdown the clamd process. The clamd documentation explicitly warns about exposing this port. Enabling ufw (ubuntu firewall) during install does not help, because Docker routes container traffic through the nat table, which is not managed or restricted by ufw. Rules installed by ufw in the filter table have no effect on docker traffic. In addition, the provided example also mounts /var/bigbluebutton with write permissions into the container, which should not be required. Future vulnerabilities in clamd may allow attackers to manipulate files in that folder. Users are unaffected unless they have opted in to follow the extra instructions from BigBlueButton\u0027s documentation. This issue has been fixed in version 3.0.22."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-668",
"description": "CWE-668: Exposure of Resource to Wrong Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-21T07:14:49.851Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-wmhx-qw2p-w6gc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-wmhx-qw2p-w6gc"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/f3d33d94a9682e87c7d41f55700b19d61e1ab8b4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/f3d33d94a9682e87c7d41f55700b19d61e1ab8b4"
}
],
"source": {
"advisory": "GHSA-wmhx-qw2p-w6gc",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton: Exposed ClamAV port enables Denial of Service"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-27466",
"datePublished": "2026-02-21T07:14:49.851Z",
"dateReserved": "2026-02-19T17:25:31.101Z",
"dateUpdated": "2026-02-24T18:48:15.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-61602 (GCVE-0-2025-61602)
Vulnerability from cvelistv5 – Published: 2025-10-09 20:40 – Updated: 2025-10-10 14:30
VLAI?
Title
BigBlueButton vulnerable to Chat DoS via invalid reactionEmojiId
Summary
BigBlueButton is an open-source virtual classroom. A denial-of-service (DoS) vulnerability in versions prior to 3.0.13 allows any authenticated user to crash the chat functionality for all participants in a meeting by sending a malformed `reactionEmojiId` in the GraphQL mutation `chatSendMessageReaction`. Version 3.0.13 contains a patch. No known workarounds are available.
Severity ?
7.5 (High)
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 3.0.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61602",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-10T14:30:47.957269Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-10T14:30:50.944Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-45j2-m26c-3pcm"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. A denial-of-service (DoS) vulnerability in versions prior to 3.0.13 allows any authenticated user to crash the chat functionality for all participants in a meeting by sending a malformed `reactionEmojiId` in the GraphQL mutation `chatSendMessageReaction`. Version 3.0.13 contains a patch. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T20:40:04.658Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-45j2-m26c-3pcm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-45j2-m26c-3pcm"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/23651",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/23651"
}
],
"source": {
"advisory": "GHSA-45j2-m26c-3pcm",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton vulnerable to Chat DoS via invalid reactionEmojiId"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-61602",
"datePublished": "2025-10-09T20:40:04.658Z",
"dateReserved": "2025-09-26T16:25:25.151Z",
"dateUpdated": "2025-10-10T14:30:50.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-61601 (GCVE-0-2025-61601)
Vulnerability from cvelistv5 – Published: 2025-10-09 20:29 – Updated: 2025-10-15 19:47
VLAI?
Title
BigBlueButton vulnerable to DoS via PollSubmitVote GraphQL mutation
Summary
BigBlueButton is an open-source virtual classroom. A Denial of Service (DoS) vulnerability in versions prior to 3.0.13 allows any authenticated user to freeze or crash the entire server by abusing the polling feature's `Choices` response type. By submitting a malicious payload with a massive array in the `answerIds` field, the attacker can cause the current meeting — and potentially all meetings on the server — to become unresponsive. Version 3.0.13 contains a patch. No known workarounds are available.
Severity ?
7.5 (High)
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 3.0.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61601",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T19:47:11.105155Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T19:47:14.421Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-73j3-v3fq-fqx5"
},
{
"tags": [
"exploit"
],
"url": "https://www.youtube.com/watch?v=BwROSVIYjOY"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. A Denial of Service (DoS) vulnerability in versions prior to 3.0.13 allows any authenticated user to freeze or crash the entire server by abusing the polling feature\u0027s `Choices` response type. By submitting a malicious payload with a massive array in the `answerIds` field, the attacker can cause the current meeting \u2014 and potentially all meetings on the server \u2014 to become unresponsive. Version 3.0.13 contains a patch. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T20:29:25.006Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-73j3-v3fq-fqx5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-73j3-v3fq-fqx5"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/23662",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/23662"
},
{
"name": "https://www.youtube.com/watch?v=BwROSVIYjOY",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.youtube.com/watch?v=BwROSVIYjOY"
}
],
"source": {
"advisory": "GHSA-73j3-v3fq-fqx5",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton vulnerable to DoS via PollSubmitVote GraphQL mutation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-61601",
"datePublished": "2025-10-09T20:29:25.006Z",
"dateReserved": "2025-09-26T16:25:25.151Z",
"dateUpdated": "2025-10-15T19:47:14.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-55200 (GCVE-0-2025-55200)
Vulnerability from cvelistv5 – Published: 2025-10-09 18:51 – Updated: 2025-10-09 19:08
VLAI?
Title
BigBlueButton vulnerable to Stored XSS via name of user at Shared Notes
Summary
BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the "Shared Notes" feature contains a Stored Cross-Site Scripting (XSS) vulnerability with the input location being the "Username" field and the output location on the "Shared Notes" page, when a user with a malicious username is editing content. This vulnerability allows a low-privileged user to execute arbitrary JavaScript in the context of higher-privileged users (e.g., Admins) who open the Shared Notes page. Version 3.0.13 fixes the issue.
Severity ?
7.1 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 3.0.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-55200",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-09T19:08:12.867816Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T19:08:17.415Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 3.0.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the \"Shared Notes\" feature contains a Stored Cross-Site Scripting (XSS) vulnerability with the input location being the \"Username\" field and the output location on the \"Shared Notes\" page, when a user with a malicious username is editing content. This vulnerability allows a low-privileged user to execute arbitrary JavaScript in the context of higher-privileged users (e.g., Admins) who open the Shared Notes page. Version 3.0.13 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T18:51:57.884Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-9jv9-cjrm-grj2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-9jv9-cjrm-grj2"
},
{
"name": "https://github.com/bigbluebutton/bbb-pads/pull/67",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bbb-pads/pull/67"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/23693",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/23693"
},
{
"name": "https://github.com/bigbluebutton/bbb-pads/releases/tag/v1.5.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bbb-pads/releases/tag/v1.5.4"
}
],
"source": {
"advisory": "GHSA-9jv9-cjrm-grj2",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton vulnerable to Stored XSS via name of user at Shared Notes"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-55200",
"datePublished": "2025-10-09T18:51:57.884Z",
"dateReserved": "2025-08-08T21:55:07.965Z",
"dateUpdated": "2025-10-09T19:08:17.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39302 (GCVE-0-2024-39302)
Vulnerability from cvelistv5 – Published: 2024-06-28 20:51 – Updated: 2024-08-02 04:19
VLAI?
Title
Some bbb-record-core files installed with wrong file permission
Summary
BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the `/usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0` directory with the goal of privilege escalation, potentially exposing sensitive information on the server. This issue has been patched in version(s) 2.6.18, 2.7.8 and 3.0.0-alpha.7.
Severity ?
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 2.6.18
Affected: >= 2.7.0, < 2.7.8 Affected: >= 2.8.0, < 3.0.0-alpha.7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39302",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T20:23:04.572464Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T21:23:02.505Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:19:20.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-5966-9hw8-q96q",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-5966-9hw8-q96q"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/04e916798b6b1f53f88513df3168f009b57b8f18",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/04e916798b6b1f53f88513df3168f009b57b8f18"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/b9a46197ed924783f06a24381e923b3329b9c91a",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/b9a46197ed924783f06a24381e923b3329b9c91a"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/f4502e4927609374f5356f824f5dac0101f9976a",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/f4502e4927609374f5356f824f5dac0101f9976a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 2.6.18"
},
{
"status": "affected",
"version": "\u003e= 2.7.0, \u003c 2.7.8"
},
{
"status": "affected",
"version": "\u003e= 2.8.0, \u003c 3.0.0-alpha.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the `/usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0` directory with the goal of privilege escalation, potentially exposing sensitive information on the server. This issue has been patched in version(s) 2.6.18, 2.7.8 and 3.0.0-alpha.7.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T20:51:59.312Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-5966-9hw8-q96q",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-5966-9hw8-q96q"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/04e916798b6b1f53f88513df3168f009b57b8f18",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/04e916798b6b1f53f88513df3168f009b57b8f18"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/b9a46197ed924783f06a24381e923b3329b9c91a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/b9a46197ed924783f06a24381e923b3329b9c91a"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/f4502e4927609374f5356f824f5dac0101f9976a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/f4502e4927609374f5356f824f5dac0101f9976a"
}
],
"source": {
"advisory": "GHSA-5966-9hw8-q96q",
"discovery": "UNKNOWN"
},
"title": "Some bbb-record-core files installed with wrong file permission"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-39302",
"datePublished": "2024-06-28T20:51:59.312Z",
"dateReserved": "2024-06-21T18:15:22.257Z",
"dateUpdated": "2024-08-02T04:19:20.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38518 (GCVE-0-2024-38518)
Vulnerability from cvelistv5 – Published: 2024-06-28 20:25 – Updated: 2024-08-02 04:12
VLAI?
Title
bbb-web API additional parameters considered
Summary
BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker with a valid join link to a meeting can trick BigBlueButton into generating a signed join link with additional parameters. One of those parameters may be "role=moderator", allowing an attacker to join a meeting as moderator using a join link that was originally created for viewer access. This vulnerability has been patched in version(s) 2.6.18, 2.7.8 and 3.0.0-alpha.7.
Severity ?
4.6 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 2.6.18
Affected: >= 2.7.0, < 2.7.8 Affected: >= 2.8.0, < 3.0.0-alpha.7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38518",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T19:57:25.410885Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T15:44:56.030Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-4m48-49h7-f3c4",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-4m48-49h7-f3c4"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/20279",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/20279"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/a9d436accdcd26ea66bed9f391488ac128cd62d1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/a9d436accdcd26ea66bed9f391488ac128cd62d1"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/ea6e9461dceae8fa593543d8c686f77bb8677e72",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/ea6e9461dceae8fa593543d8c686f77bb8677e72"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 2.6.18"
},
{
"status": "affected",
"version": "\u003e= 2.7.0, \u003c 2.7.8"
},
{
"status": "affected",
"version": "\u003e= 2.8.0, \u003c 3.0.0-alpha.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker with a valid join link to a meeting can trick BigBlueButton into generating a signed join link with additional parameters. One of those parameters may be \"role=moderator\", allowing an attacker to join a meeting as moderator using a join link that was originally created for viewer access. This vulnerability has been patched in version(s) 2.6.18, 2.7.8 and 3.0.0-alpha.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T20:25:40.743Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-4m48-49h7-f3c4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-4m48-49h7-f3c4"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/20279",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/20279"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/a9d436accdcd26ea66bed9f391488ac128cd62d1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/a9d436accdcd26ea66bed9f391488ac128cd62d1"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/ea6e9461dceae8fa593543d8c686f77bb8677e72",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/ea6e9461dceae8fa593543d8c686f77bb8677e72"
}
],
"source": {
"advisory": "GHSA-4m48-49h7-f3c4",
"discovery": "UNKNOWN"
},
"title": "bbb-web API additional parameters considered"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-38518",
"datePublished": "2024-06-28T20:25:40.743Z",
"dateReserved": "2024-06-18T16:37:02.727Z",
"dateUpdated": "2024-08-02T04:12:25.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43798 (GCVE-0-2023-43798)
Vulnerability from cvelistv5 – Published: 2023-10-30 22:24 – Updated: 2024-09-05 20:19
VLAI?
Title
BigBlueButton Blind SSRF When Uploading Presentation (mitigation bypass)
Summary
BigBlueButton is an open-source virtual classroom. BigBlueButton prior to versions 2.6.12 and 2.7.0-rc.1 is vulnerable to Server-Side Request Forgery (SSRF). This issue is a bypass of CVE-2023-33176. A patch in versions 2.6.12 and 2.7.0-rc.1 disabled follow redirect at `httpclient.execute` since the software no longer has to follow it when using `finalUrl`. There are no known workarounds. We recommend upgrading to a patched version of BigBlueButton.
Severity ?
5.6 (Medium)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 2.6.12
Affected: >= 2.7.0-alpha.1, < 2.7.0-rc.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:52:11.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-h98v-2h8w-99c4",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-h98v-2h8w-99c4"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3q22-hph2-cff7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3q22-hph2-cff7"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/18494",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18494"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/18580",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18580"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43798",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T20:19:07.980053Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T20:19:17.331Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 2.6.12"
},
{
"status": "affected",
"version": "\u003e= 2.7.0-alpha.1, \u003c 2.7.0-rc.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. BigBlueButton prior to versions 2.6.12 and 2.7.0-rc.1 is vulnerable to Server-Side Request Forgery (SSRF). This issue is a bypass of CVE-2023-33176. A patch in versions 2.6.12 and 2.7.0-rc.1 disabled follow redirect at `httpclient.execute` since the software no longer has to follow it when using `finalUrl`. There are no known workarounds. We recommend upgrading to a patched version of BigBlueButton."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-30T22:24:59.109Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-h98v-2h8w-99c4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-h98v-2h8w-99c4"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3q22-hph2-cff7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3q22-hph2-cff7"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/18494",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18494"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/18580",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18580"
}
],
"source": {
"advisory": "GHSA-h98v-2h8w-99c4",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton Blind SSRF When Uploading Presentation (mitigation bypass)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-43798",
"datePublished": "2023-10-30T22:24:59.109Z",
"dateReserved": "2023-09-22T14:51:42.340Z",
"dateUpdated": "2024-09-05T20:19:17.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43797 (GCVE-0-2023-43797)
Vulnerability from cvelistv5 – Published: 2023-10-30 22:18 – Updated: 2024-09-05 20:20
VLAI?
Title
BigBlueButton Stored Cross-site Scripting vulnerability at Guest Lobby
Summary
BigBlueButton is an open-source virtual classroom. Prior to versions 2.6.11 and 2.7.0-beta.3, Guest Lobby was vulnerable to cross-site scripting when users wait to enter the meeting due to inserting unsanitized messages to the element using unsafe innerHTML. Text sanitizing was added for lobby messages starting in versions 2.6.11 and 2.7.0-beta.3. There are no known workarounds.
Severity ?
6.3 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 2.6.11
Affected: >= 2.7.0-alpha.1, < 2.7.0-beta.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:52:11.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-v6wg-q866-h73x",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-v6wg-q866-h73x"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/18392",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18392"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/304bc851a00558f99a908880f4ac44234a074c9d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/304bc851a00558f99a908880f4ac44234a074c9d"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43797",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T20:19:44.962386Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T20:20:01.467Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 2.6.11"
},
{
"status": "affected",
"version": "\u003e= 2.7.0-alpha.1, \u003c 2.7.0-beta.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. Prior to versions 2.6.11 and 2.7.0-beta.3, Guest Lobby was vulnerable to cross-site scripting when users wait to enter the meeting due to inserting unsanitized messages to the element using unsafe innerHTML. Text sanitizing was added for lobby messages starting in versions 2.6.11 and 2.7.0-beta.3. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-30T22:22:40.879Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-v6wg-q866-h73x",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-v6wg-q866-h73x"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/18392",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18392"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/commit/304bc851a00558f99a908880f4ac44234a074c9d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/304bc851a00558f99a908880f4ac44234a074c9d"
}
],
"source": {
"advisory": "GHSA-v6wg-q866-h73x",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton Stored Cross-site Scripting vulnerability at Guest Lobby"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-43797",
"datePublished": "2023-10-30T22:18:11.821Z",
"dateReserved": "2023-09-22T14:51:42.339Z",
"dateUpdated": "2024-09-05T20:20:01.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-42804 (GCVE-0-2023-42804)
Vulnerability from cvelistv5 – Published: 2023-10-30 18:14 – Updated: 2024-09-05 20:23
VLAI?
Title
BigBlueButton Path Traversal – Reading Certain File Extensions
Summary
BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.1 has a path traversal vulnerability that allows an attacker with a valid starting folder path, to traverse and read other files without authentication, assuming the files have certain extensions (txt, swf, svg, png). In version 2.6.0-beta.1, input validation was added on the parameters being passed and dangerous characters are stripped. There are no known workarounds.
Severity ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 2.6.0-beta.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.724Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3qjg-229m-vq84",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3qjg-229m-vq84"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/15960",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15960"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42804",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T20:22:39.156360Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T20:23:14.540Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 2.6.0-beta.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.1 has a path traversal vulnerability that allows an attacker with a valid starting folder path, to traverse and read other files without authentication, assuming the files have certain extensions (txt, swf, svg, png). In version 2.6.0-beta.1, input validation was added on the parameters being passed and dangerous characters are stripped. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-30T18:14:41.419Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3qjg-229m-vq84",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3qjg-229m-vq84"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/15960",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15960"
}
],
"source": {
"advisory": "GHSA-3qjg-229m-vq84",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton Path Traversal \u2013 Reading Certain File Extensions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-42804",
"datePublished": "2023-10-30T18:14:41.419Z",
"dateReserved": "2023-09-14T16:13:33.306Z",
"dateUpdated": "2024-09-05T20:23:14.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-42803 (GCVE-0-2023-42803)
Vulnerability from cvelistv5 – Published: 2023-10-30 18:11 – Updated: 2024-09-06 20:12
VLAI?
Title
BigBlueButton Unrestricted File Upload vulnerability
Summary
BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.2 is vulnerable to unrestricted file upload, where the insertDocument API call does not validate the given file extension before saving the file, and does not remove it in case of validation failures. BigBlueButton 2.6.0-beta.2 contains a patch. There are no known workarounds.
Severity ?
5.3 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| bigbluebutton | bigbluebutton |
Affected:
< 2.6.0-beta.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/15990",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15990"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42803",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T20:11:37.351065Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T20:12:00.883Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "bigbluebutton",
"vendor": "bigbluebutton",
"versions": [
{
"status": "affected",
"version": "\u003c 2.6.0-beta.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.2 is vulnerable to unrestricted file upload, where the insertDocument API call does not validate the given file extension before saving the file, and does not remove it in case of validation failures. BigBlueButton 2.6.0-beta.2 contains a patch. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-30T18:11:35.630Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc"
},
{
"name": "https://github.com/bigbluebutton/bigbluebutton/pull/15990",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15990"
}
],
"source": {
"advisory": "GHSA-w98f-6x8w-xhjc",
"discovery": "UNKNOWN"
},
"title": "BigBlueButton Unrestricted File Upload vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-42803",
"datePublished": "2023-10-30T18:11:35.630Z",
"dateReserved": "2023-09-14T16:13:33.306Z",
"dateUpdated": "2024-09-06T20:12:00.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2025-61601
Vulnerability from fkie_nvd - Published: 2025-10-09 21:15 - Updated: 2025-10-20 15:33
Severity ?
Summary
BigBlueButton is an open-source virtual classroom. A Denial of Service (DoS) vulnerability in versions prior to 3.0.13 allows any authenticated user to freeze or crash the entire server by abusing the polling feature's `Choices` response type. By submitting a malicious payload with a massive array in the `answerIds` field, the attacker can cause the current meeting — and potentially all meetings on the server — to become unresponsive. Version 3.0.13 contains a patch. No known workarounds are available.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigbluebutton | bigbluebutton | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF3725E-941E-4C75-AA27-20DC97552948",
"versionEndExcluding": "3.0.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. A Denial of Service (DoS) vulnerability in versions prior to 3.0.13 allows any authenticated user to freeze or crash the entire server by abusing the polling feature\u0027s `Choices` response type. By submitting a malicious payload with a massive array in the `answerIds` field, the attacker can cause the current meeting \u2014 and potentially all meetings on the server \u2014 to become unresponsive. Version 3.0.13 contains a patch. No known workarounds are available."
}
],
"id": "CVE-2025-61601",
"lastModified": "2025-10-20T15:33:21.023",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-10-09T21:15:39.477",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/23662"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-73j3-v3fq-fqx5"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit"
],
"url": "https://www.youtube.com/watch?v=BwROSVIYjOY"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-73j3-v3fq-fqx5"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
],
"url": "https://www.youtube.com/watch?v=BwROSVIYjOY"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-703"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-61602
Vulnerability from fkie_nvd - Published: 2025-10-09 21:15 - Updated: 2025-10-20 15:36
Severity ?
Summary
BigBlueButton is an open-source virtual classroom. A denial-of-service (DoS) vulnerability in versions prior to 3.0.13 allows any authenticated user to crash the chat functionality for all participants in a meeting by sending a malformed `reactionEmojiId` in the GraphQL mutation `chatSendMessageReaction`. Version 3.0.13 contains a patch. No known workarounds are available.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigbluebutton | bigbluebutton | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF3725E-941E-4C75-AA27-20DC97552948",
"versionEndExcluding": "3.0.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. A denial-of-service (DoS) vulnerability in versions prior to 3.0.13 allows any authenticated user to crash the chat functionality for all participants in a meeting by sending a malformed `reactionEmojiId` in the GraphQL mutation `chatSendMessageReaction`. Version 3.0.13 contains a patch. No known workarounds are available."
}
],
"id": "CVE-2025-61602",
"lastModified": "2025-10-20T15:36:03.607",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-10-09T21:15:39.640",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/23651"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-45j2-m26c-3pcm"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-45j2-m26c-3pcm"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-703"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-55200
Vulnerability from fkie_nvd - Published: 2025-10-09 19:15 - Updated: 2025-10-20 15:30
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the "Shared Notes" feature contains a Stored Cross-Site Scripting (XSS) vulnerability with the input location being the "Username" field and the output location on the "Shared Notes" page, when a user with a malicious username is editing content. This vulnerability allows a low-privileged user to execute arbitrary JavaScript in the context of higher-privileged users (e.g., Admins) who open the Shared Notes page. Version 3.0.13 fixes the issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigbluebutton | bigbluebutton | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF3725E-941E-4C75-AA27-20DC97552948",
"versionEndExcluding": "3.0.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the \"Shared Notes\" feature contains a Stored Cross-Site Scripting (XSS) vulnerability with the input location being the \"Username\" field and the output location on the \"Shared Notes\" page, when a user with a malicious username is editing content. This vulnerability allows a low-privileged user to execute arbitrary JavaScript in the context of higher-privileged users (e.g., Admins) who open the Shared Notes page. Version 3.0.13 fixes the issue."
}
],
"id": "CVE-2025-55200",
"lastModified": "2025-10-20T15:30:19.377",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-10-09T19:15:43.663",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Product"
],
"url": "https://github.com/bigbluebutton/bbb-pads/pull/67"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/bigbluebutton/bbb-pads/releases/tag/v1.5.4"
},
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/23693"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-9jv9-cjrm-grj2"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-43798
Vulnerability from fkie_nvd - Published: 2023-10-30 23:15 - Updated: 2024-11-21 08:24
Severity ?
5.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
BigBlueButton is an open-source virtual classroom. BigBlueButton prior to versions 2.6.12 and 2.7.0-rc.1 is vulnerable to Server-Side Request Forgery (SSRF). This issue is a bypass of CVE-2023-33176. A patch in versions 2.6.12 and 2.7.0-rc.1 disabled follow redirect at `httpclient.execute` since the software no longer has to follow it when using `finalUrl`. There are no known workarounds. We recommend upgrading to a patched version of BigBlueButton.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigbluebutton | bigbluebutton | * | |
| bigbluebutton | bigbluebutton | 2.7.0 | |
| bigbluebutton | bigbluebutton | 2.7.0 | |
| bigbluebutton | bigbluebutton | 2.7.0 | |
| bigbluebutton | bigbluebutton | 2.7.0 | |
| bigbluebutton | bigbluebutton | 2.7.0 | |
| bigbluebutton | bigbluebutton | 2.7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07AC33B9-3067-4848-B48D-ABDD7286DE51",
"versionEndExcluding": "2.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "C05D5D11-75BE-41FA-A62F-61F35B16BA9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "C23D21AA-EF44-4F61-9775-57E3AF206CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "1E95E50E-3C1E-438A-BAEC-AE0DF69B2937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "A7EC2B6A-1A13-40FE-85D6-30D596813394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "5A7D33D7-AE88-4ED4-82A4-BCFA7E828AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "49CCF586-942D-4B21-BFD2-486EF3FCDF7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. BigBlueButton prior to versions 2.6.12 and 2.7.0-rc.1 is vulnerable to Server-Side Request Forgery (SSRF). This issue is a bypass of CVE-2023-33176. A patch in versions 2.6.12 and 2.7.0-rc.1 disabled follow redirect at `httpclient.execute` since the software no longer has to follow it when using `finalUrl`. There are no known workarounds. We recommend upgrading to a patched version of BigBlueButton."
},
{
"lang": "es",
"value": "BigBlueButton es un aula virtual de c\u00f3digo abierto. BigBlueButton anterior a las versiones 2.6.12 y 2.7.0-rc.1 es vulnerable a Server-Side Request Forgery (SSRF). Este problema es una omisi\u00f3n de CVE-2023-33176. Un parche en las versiones 2.6.12 y 2.7.0-rc.1 deshabilit\u00f3 el redireccionamiento de seguimiento en `httpclient.execute` ya que el software ya no tiene que seguirlo cuando usa `finalUrl`. No se conocen workarounds. Recomendamos actualizar a una versi\u00f3n parcheada de BigBlueButton."
}
],
"id": "CVE-2023-43798",
"lastModified": "2024-11-21T08:24:48.393",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-30T23:15:08.397",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18494"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18580"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3q22-hph2-cff7"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-h98v-2h8w-99c4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18494"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3q22-hph2-cff7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-h98v-2h8w-99c4"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-43797
Vulnerability from fkie_nvd - Published: 2023-10-30 23:15 - Updated: 2024-11-21 08:24
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
BigBlueButton is an open-source virtual classroom. Prior to versions 2.6.11 and 2.7.0-beta.3, Guest Lobby was vulnerable to cross-site scripting when users wait to enter the meeting due to inserting unsanitized messages to the element using unsafe innerHTML. Text sanitizing was added for lobby messages starting in versions 2.6.11 and 2.7.0-beta.3. There are no known workarounds.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigbluebutton | bigbluebutton | * | |
| bigbluebutton | bigbluebutton | 2.7.0 | |
| bigbluebutton | bigbluebutton | 2.7.0 | |
| bigbluebutton | bigbluebutton | 2.7.0 | |
| bigbluebutton | bigbluebutton | 2.7.0 | |
| bigbluebutton | bigbluebutton | 2.7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E83CAE24-2B29-4265-B5E8-17E89637F0DF",
"versionEndExcluding": "2.6.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "C05D5D11-75BE-41FA-A62F-61F35B16BA9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "C23D21AA-EF44-4F61-9775-57E3AF206CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "1E95E50E-3C1E-438A-BAEC-AE0DF69B2937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "A7EC2B6A-1A13-40FE-85D6-30D596813394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "5A7D33D7-AE88-4ED4-82A4-BCFA7E828AD1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. Prior to versions 2.6.11 and 2.7.0-beta.3, Guest Lobby was vulnerable to cross-site scripting when users wait to enter the meeting due to inserting unsanitized messages to the element using unsafe innerHTML. Text sanitizing was added for lobby messages starting in versions 2.6.11 and 2.7.0-beta.3. There are no known workarounds."
},
{
"lang": "es",
"value": "BigBlueButton es un aula virtual de c\u00f3digo abierto. Antes de las versiones 2.6.11 y 2.7.0-beta.3, Guest Lobby era vulnerable a cross-site scripting cuando los usuarios esperaban para ingresar a la reuni\u00f3n debido a la inserci\u00f3n de mensajes no sanitizados en el elemento mediante un HTML interno no seguro. Se agreg\u00f3 sanitizaci\u00f3n de texto para los mensajes del lobby a partir de las versiones 2.6.11 y 2.7.0-beta.3. No se conocen workarounds."
}
],
"id": "CVE-2023-43797",
"lastModified": "2024-11-21T08:24:48.270",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-30T23:15:08.317",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/304bc851a00558f99a908880f4ac44234a074c9d"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18392"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-v6wg-q866-h73x"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/304bc851a00558f99a908880f4ac44234a074c9d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-v6wg-q866-h73x"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-42804
Vulnerability from fkie_nvd - Published: 2023-10-30 19:15 - Updated: 2024-11-21 08:23
Severity ?
3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.1 has a path traversal vulnerability that allows an attacker with a valid starting folder path, to traverse and read other files without authentication, assuming the files have certain extensions (txt, swf, svg, png). In version 2.6.0-beta.1, input validation was added on the parameters being passed and dangerous characters are stripped. There are no known workarounds.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigbluebutton | bigbluebutton | * | |
| bigbluebutton | bigbluebutton | 2.6.0 | |
| bigbluebutton | bigbluebutton | 2.6.0 | |
| bigbluebutton | bigbluebutton | 2.6.0 | |
| bigbluebutton | bigbluebutton | 2.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3F6566-B94F-4CBC-B1BA-DACA51865D76",
"versionEndIncluding": "2.5.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "83C1F894-31BC-4C2D-AD62-837D990257CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "84EE596E-A3F6-4B29-B51D-CAE19A74D5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "A8DD6CB9-0B7E-4C4E-BDC6-D8FD1B85882D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "1BA4033B-60B8-4674-98CA-F5794B905362",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.1 has a path traversal vulnerability that allows an attacker with a valid starting folder path, to traverse and read other files without authentication, assuming the files have certain extensions (txt, swf, svg, png). In version 2.6.0-beta.1, input validation was added on the parameters being passed and dangerous characters are stripped. There are no known workarounds."
},
{
"lang": "es",
"value": "BigBlueButton es un aula virtual de c\u00f3digo abierto. BigBlueButton anterior a la versi\u00f3n 2.6.0-beta.1 tiene una vulnerabilidad de path traversal que permite a un atacante con una ruta de carpeta de inicio v\u00e1lida atravesar y leer otros archivos sin autenticaci\u00f3n, asumiendo que los archivos tienen ciertas extensiones (txt, swf, svg, png). En la versi\u00f3n 2.6.0-beta.1, se agreg\u00f3 validaci\u00f3n de entrada en los par\u00e1metros que se pasan y se eliminan los caracteres peligrosos. No se conocen workarounds."
}
],
"id": "CVE-2023-42804",
"lastModified": "2024-11-21T08:23:11.483",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-30T19:15:08.037",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15960"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3qjg-229m-vq84"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3qjg-229m-vq84"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-42803
Vulnerability from fkie_nvd - Published: 2023-10-30 19:15 - Updated: 2024-11-21 08:23
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.2 is vulnerable to unrestricted file upload, where the insertDocument API call does not validate the given file extension before saving the file, and does not remove it in case of validation failures. BigBlueButton 2.6.0-beta.2 contains a patch. There are no known workarounds.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigbluebutton | bigbluebutton | * | |
| bigbluebutton | bigbluebutton | 2.6.0 | |
| bigbluebutton | bigbluebutton | 2.6.0 | |
| bigbluebutton | bigbluebutton | 2.6.0 | |
| bigbluebutton | bigbluebutton | 2.6.0 | |
| bigbluebutton | bigbluebutton | 2.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3F6566-B94F-4CBC-B1BA-DACA51865D76",
"versionEndIncluding": "2.5.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "83C1F894-31BC-4C2D-AD62-837D990257CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "84EE596E-A3F6-4B29-B51D-CAE19A74D5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "A8DD6CB9-0B7E-4C4E-BDC6-D8FD1B85882D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "1BA4033B-60B8-4674-98CA-F5794B905362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "66F6441F-A11A-424B-BB9C-1CFF5F95B02E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.2 is vulnerable to unrestricted file upload, where the insertDocument API call does not validate the given file extension before saving the file, and does not remove it in case of validation failures. BigBlueButton 2.6.0-beta.2 contains a patch. There are no known workarounds."
},
{
"lang": "es",
"value": "BigBlueButton es un aula virtual de c\u00f3digo abierto. BigBlueButton anterior a la versi\u00f3n 2.6.0-beta.2 es vulnerable a la carga de archivos sin restricciones, donde la llamada a la API insertDocument no valida la extensi\u00f3n de archivo dada antes de guardar el archivo y no la elimina en caso de fallas de validaci\u00f3n. BigBlueButton 2.6.0-beta.2 contiene un parche. No se conocen workarounds."
}
],
"id": "CVE-2023-42803",
"lastModified": "2024-11-21T08:23:11.353",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-30T19:15:07.963",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15990"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}