Lucene search

K
osvGoogleOSV:CVE-2020-26163
HistorySep 30, 2020 - 6:15 p.m.

CVE-2020-26163

2020-09-3018:15:27
Google
osv.dev
9
bigbluebutton
greenlight
http header attacks
account takeover
password reset

AI Score

6.8

Confidence

High

EPSS

0.005

Percentile

76.8%

BigBlueButton Greenlight before 2.5.6 allows HTTP header (Host and Origin) attacks, which can result in Account Takeover if a victim follows a spoofed password-reset link.

AI Score

6.8

Confidence

High

EPSS

0.005

Percentile

76.8%

Related for OSV:CVE-2020-26163