4 matches found
BigBlueButton 2.3 / 2.4.7 Cross Site Scripting
CVE-2022-31064 - Stored Cross-Site Scripting in BigBlueButton. ========================= Exploit Title: Stored Cross-Site Scripting XSS in BigBlueButton Product: BigBlueButton Vendor: BigBlueButton Vulnerable Versions: 2.3, IV. References -----------------...
BigBlueButton 2.3 / 2.4.7 Cross Site Scripting Vulnerability
CVE-2022-31064 - Stored Cross-Site Scripting in BigBlueButton. ========================= Exploit Title: Stored Cross-Site Scripting XSS in BigBlueButton Product: BigBlueButton Vendor: BigBlueButton Vulnerable Versions: 2.3, IV. References ------------------------- Security advisory...
CVE-2022-31064
BigBlueButton’s CVE-2022-31064 is a cross-site scripting (XSS) vulnerability in meetings with private chat enabled. Affected versions before 2.4.8 and before 2.5.0 allow an attacker to inject JavaScript when starting a private chat, which executes in the victim’s browser. Remediation per sources ...
CVE-2022-31064 Cross site scripting in username that will trigger by sending chat
BigBlueButton is an open source web conferencing system. Users in meetings with private chat enabled are vulnerable to a cross site scripting attack in affected versions. The attack occurs when the attacker with xss in the name starts a chat. in the victim's client the JavaScript will be executed...