2 matches found
CVE-2022-41964 BigBlueButton contains Response leaks in anonymous polls
BigBlueButton is an open source web conferencing system. This vulnerability only affects release candidates of BigBlueButton 2.4. The attacker can start a subscription for poll results before starting an anonymous poll, and use this subscription to see individual responses in the anonymous poll...
CVE-2022-41964
CVE-2022-41964 affects BigBlueButton prior to version 2.4.0. The vulnerability allows a meeting presenter to subscribe to poll results before an anonymous poll starts, enabling viewing of individual responses in the poll. Root cause is an information-disclosure flaw in the poll result subscriptio...