CVE-2022-41960
CVE-2022-41960 (BigBlueButton) affects BigBlueButton versions prior to 2.4.3. The issue is due to Insufficient Verification of Data Authenticity that allows a participant to trigger a Denial of Service by calling validateAuthToken with a victim’s userId, meetingId, and an invalid authToken. The v...