3 matches found
CVE-2022-29232
BigBlueButton is an open source web conferencing system. Starting with version 2.2 and prior to versions 2.3.9 and 2.4-beta-1, an attacker can circumvent access controls to obtain the content of public chat messages from different meetings on the server. The attacker must be a participant in a...
CVE-2022-29232 Exposure of messages in BigBlueButton public chats
BigBlueButton is an open source web conferencing system. Starting with version 2.2 and prior to versions 2.3.9 and 2.4-beta-1, an attacker can circumvent access controls to obtain the content of public chat messages from different meetings on the server. The attacker must be a participant in a...
CVE-2022-29232
CVE-2022-29232 affects BigBlueButton: versions prior to 2.3.9 and 2.4-beta-1 disclose public chat messages across meetings to participants in a server where access controls are bypassed. The root cause is improper access control for meeting chat content. Patches are available in 2.3.9 and 2.4-bet...