CVE-2026-27736
BigBlueButton Open Redirect CVE-2026-27736 affects the 3.x branch before version 3.0.20. The vulnerability arises because the errorRedirectUrl string is not validated and is used directly in respondWithRedirect, enabling an open redirect. The issue is fixed in BigBlueButton 3.0.20. No exploitatio...