2 matches found
CVE-2022-41962
BigBlueButton contains a vulnerability (CVE-2022-41962) described as Incorrect Authorization for setting emoji status. A user with moderator rights can use the clear status feature to set any emoji status for other users, whereas moderators should only be able to set none. Affected versions are p...
CVE-2022-41962 BigBlueButton contains Incorrect Authorization for setting emoji status
BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6, and 2.5-alpha-1 contain Incorrect Authorization for setting emoji status. A user with moderator rights can use the clear status feature to set any emoji status for other users. Moderators should only be able to s...