Lucene search
K

578 matches found

Cvelist
Cvelist
added 2025/10/09 8:29 p.m.10 views

CVE-2025-61601 BigBlueButton vulnerable to DoS via PollSubmitVote GraphQL mutation

BigBlueButton is an open-source virtual classroom. A Denial of Service DoS vulnerability in versions prior to 3.0.13 allows any authenticated user to freeze or crash the entire server by abusing the polling feature's Choices response type. By submitting a malicious payload with a massive array in...

7.5CVSS0.0043EPSS
Exploits1References3
NVD
NVD
added 2025/10/09 7:15 p.m.7 views

CVE-2025-55200

BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the "Shared Notes" feature contains a Stored Cross-Site Scripting XSS vulnerability with the input location being the "Username" field and the output location on the "Shared Notes" page, when a user with a malicious...

7.1CVSS0.00222EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/09 6:51 p.m.4 views

EUVD-2025-33584

BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the "Shared Notes" feature contains a Stored Cross-Site Scripting XSS vulnerability with the input location being the "Username" field and the output location on the "Shared Notes" page, when a user with a malicious...

7.1CVSS5.2AI score0.00222EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/09 6:51 p.m.5 views

CVE-2025-55200 BigBlueButton vulnerable to Stored XSS via name of user at Shared Notes

BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the "Shared Notes" feature contains a Stored Cross-Site Scripting XSS vulnerability with the input location being the "Username" field and the output location on the "Shared Notes" page, when a user with a malicious...

7.1CVSS5.3AI score0.00222EPSS
Exploits0References4
CVE
CVE
added 2025/10/09 6:51 p.m.19 views

CVE-2025-55200

BigBlueButton has a Stored XSS vulnerability in the Shared Notes feature prior to version 3.0.13. The issue arises from unsafely handling the Username field, allowing a low-privilege user to inject arbitrary JavaScript that can execute in the context of higher-privileged users (e.g., Admins) who ...

7.1CVSS5.3AI score0.00222EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2025/10/09 12:0 a.m.4 views

BigBlueButton 安全漏洞

BigBlueButton is an open source web conferencing system from the BigBlueButton community. A security vulnerability exists in BigBlueButton versions prior to 3.0.13 that stems from sending malformed reactionEmojiId, which could lead to a denial of service attack...

7.5CVSS6.5AI score0.00358EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/10/09 12:0 a.m.6 views

PT-2025-41453

Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.13 Description BigBlueButton, an open-source virtual classroom, has a Stored Cross-Site Scripting XSS issue in the "Shared Notes" feature. The input location for this issue is the Username field, and the...

7.8CVSS5.7AI score0.00222EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/10/09 12:0 a.m.5 views

BigBlueButton 安全漏洞

BigBlueButton is an open source web conferencing system from the BigBlueButton community. A security vulnerability exists in BigBlueButton versions prior to 3.0.13, which stems from mishandling of the Choices response type for the polling feature, which could lead to a denial of service attack...

7.5CVSS6.5AI score0.0043EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/10/09 12:0 a.m.4 views

BigBlueButton 跨站脚本漏洞

BigBlueButton is an open source web conferencing system from the BigBlueButton community. A cross-site scripting vulnerability exists in BigBlueButton versions prior to 3.0.13, which stems from improperly cleaned input of the user name field in the Shared Notes feature, and could lead to a stored...

7.1CVSS5.8AI score0.00222EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/10/09 12:0 a.m.6 views

PT-2025-41490

Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.13 Description BigBlueButton is an open-source virtual classroom. A denial-of-service DoS condition exists in versions prior to 3.0.13. An authenticated user can disrupt chat functionality for all meeting...

7.5CVSS6.5AI score0.00358EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/10/09 12:0 a.m.6 views

PT-2025-41489

Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.13 Description BigBlueButton is an open-source virtual classroom. A Denial of Service DoS issue exists that allows any authenticated user to freeze or crash the server by abusing the polling feature's Choice...

7.5CVSS6.5AI score0.0043EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-21425

Malware in sbrugna...

7.5CVSS7.5AI score0.01433EPSS
Exploits2References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-4428

Malware in sbrugna...

7.5CVSS8AI score0.05278EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-20118

Malware in sbrugna...

7.5CVSS7.4AI score0.00656EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-20115

Malware in sbrugna...

6.1CVSS6.3AI score0.00677EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-21339

Malware in sbrugna...

4.3CVSS4.8AI score0.00692EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-21340

Malware in sbrugna...

5.3CVSS5.5AI score0.01235EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-20108

Malware in sbrugna...

3.5CVSS4.8AI score0.00772EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.22 views

EUVD-2020-18456

Malware in sbrugna...

6.5CVSS6.8AI score0.08825EPSS
Exploits3References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-4429

Malware in sbrugna...

6.1CVSS6.3AI score0.00947EPSS
Exploits0References4
Rows per page
Query Builder