Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2022/07/01 12:0 a.m.509 views

BigBlueButton 2.3 / 2.4.7 Cross Site Scripting

CVE-2022-31064 - Stored Cross-Site Scripting in BigBlueButton. ========================= Exploit Title: Stored Cross-Site Scripting XSS in BigBlueButton Product: BigBlueButton Vendor: BigBlueButton Vulnerable Versions: 2.3, IV. References -----------------...

5.7AI score0.01207EPSS
Exploits3
0day.today
0day.today
added 2022/07/01 12:0 a.m.439 views

BigBlueButton 2.3 / 2.4.7 Cross Site Scripting Vulnerability

CVE-2022-31064 - Stored Cross-Site Scripting in BigBlueButton. ========================= Exploit Title: Stored Cross-Site Scripting XSS in BigBlueButton Product: BigBlueButton Vendor: BigBlueButton Vulnerable Versions: 2.3, IV. References ------------------------- Security advisory...

6.5CVSS0.01207EPSS
Exploits3
CVE
CVE
added 2022/06/27 7:50 p.m.69 views

CVE-2022-31064

BigBlueButton’s CVE-2022-31064 is a cross-site scripting (XSS) vulnerability in meetings with private chat enabled. Affected versions before 2.4.8 and before 2.5.0 allow an attacker to inject JavaScript when starting a private chat, which executes in the victim’s browser. Remediation per sources ...

6.5CVSS5.3AI score0.01207EPSS
Exploits3References6Affected Software1
Cvelist
Cvelist
added 2022/06/27 7:50 p.m.47 views

CVE-2022-31064 Cross site scripting in username that will trigger by sending chat

BigBlueButton is an open source web conferencing system. Users in meetings with private chat enabled are vulnerable to a cross site scripting attack in affected versions. The attack occurs when the attacker with xss in the name starts a chat. in the victim's client the JavaScript will be executed...

6.5CVSS6.4AI score0.01207EPSS
Exploits3References6
Rows per page
Query Builder