4 matches found
CVE-2022-41961
creationtimestamp| type| source ---|---|--- 2022-12-16 16:24:20+00:00| seen| https://t.me/cibsecurity/54660 2025-04-17 17:57:38+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12303...
CVE-2022-41961 BigBlueButton subject to Ineffective user bans
BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are subject to Ineffective user bans. The attacker could register multiple users, and join the meeting with one of them. When that user is banned, they could still join the meeting with the remaining registered...
CVE-2022-41961
CVE-2022-41961 affects BigBlueButton. Versions prior to 2.4-rc-6 are vulnerable to ineffective user bans: banning a user does not remove all accounts tied to the same extId, allowing an attacker who registers multiple users to rejoin a meeting. Root cause is insufficient permission/data purge whe...
CVE-2022-41961 BigBlueButton subject to Ineffective user bans
BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are subject to Ineffective user bans. The attacker could register multiple users, and join the meeting with one of them. When that user is banned, they could still join the meeting with the remaining registered...