BigBlueButton is a Web conferencing system. versions prior to BigBlueButton 2.4.8 and prior to 2.5.0 have a cross-site scripting vulnerability that stems from the fact that users in private chat-enabled conferences are vulnerable to cross-site scripting attacks. An attacker could exploit the vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
bigbluebutton bigbluebutton | lt | 2.5.0 | |
bigbluebutton bigbluebutton | lt | 2.4.8 |