578 matches found
CVE-2025-61601 BigBlueButton vulnerable to DoS via PollSubmitVote GraphQL mutation
BigBlueButton is an open-source virtual classroom. A Denial of Service DoS vulnerability in versions prior to 3.0.13 allows any authenticated user to freeze or crash the entire server by abusing the polling feature's Choices response type. By submitting a malicious payload with a massive array in...
CVE-2025-55200
BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the "Shared Notes" feature contains a Stored Cross-Site Scripting XSS vulnerability with the input location being the "Username" field and the output location on the "Shared Notes" page, when a user with a malicious...
EUVD-2025-33584
BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the "Shared Notes" feature contains a Stored Cross-Site Scripting XSS vulnerability with the input location being the "Username" field and the output location on the "Shared Notes" page, when a user with a malicious...
CVE-2025-55200 BigBlueButton vulnerable to Stored XSS via name of user at Shared Notes
BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the "Shared Notes" feature contains a Stored Cross-Site Scripting XSS vulnerability with the input location being the "Username" field and the output location on the "Shared Notes" page, when a user with a malicious...
CVE-2025-55200
BigBlueButton has a Stored XSS vulnerability in the Shared Notes feature prior to version 3.0.13. The issue arises from unsafely handling the Username field, allowing a low-privilege user to inject arbitrary JavaScript that can execute in the context of higher-privileged users (e.g., Admins) who ...
BigBlueButton 安全漏洞
BigBlueButton is an open source web conferencing system from the BigBlueButton community. A security vulnerability exists in BigBlueButton versions prior to 3.0.13 that stems from sending malformed reactionEmojiId, which could lead to a denial of service attack...
PT-2025-41453
Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.13 Description BigBlueButton, an open-source virtual classroom, has a Stored Cross-Site Scripting XSS issue in the "Shared Notes" feature. The input location for this issue is the Username field, and the...
BigBlueButton 安全漏洞
BigBlueButton is an open source web conferencing system from the BigBlueButton community. A security vulnerability exists in BigBlueButton versions prior to 3.0.13, which stems from mishandling of the Choices response type for the polling feature, which could lead to a denial of service attack...
BigBlueButton 跨站脚本漏洞
BigBlueButton is an open source web conferencing system from the BigBlueButton community. A cross-site scripting vulnerability exists in BigBlueButton versions prior to 3.0.13, which stems from improperly cleaned input of the user name field in the Shared Notes feature, and could lead to a stored...
PT-2025-41490
Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.13 Description BigBlueButton is an open-source virtual classroom. A denial-of-service DoS condition exists in versions prior to 3.0.13. An authenticated user can disrupt chat functionality for all meeting...
PT-2025-41489
Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.13 Description BigBlueButton is an open-source virtual classroom. A Denial of Service DoS issue exists that allows any authenticated user to freeze or crash the server by abusing the polling feature's Choice...
EUVD-2020-21425
Malware in sbrugna...
EUVD-2020-4428
Malware in sbrugna...
EUVD-2020-20118
Malware in sbrugna...
EUVD-2020-20115
Malware in sbrugna...
EUVD-2020-21339
Malware in sbrugna...
EUVD-2020-21340
Malware in sbrugna...
EUVD-2020-20108
Malware in sbrugna...
EUVD-2020-18456
Malware in sbrugna...
EUVD-2020-4429
Malware in sbrugna...