CVE-2023-30860
CVE-2023-30860 affects WWBN AVideo prior to version 12.4. A normal user can create a Meeting Schedule and invite others, but input is not properly sanitized when creating a Meeting Room, allowing insertion of malicious scripts. Any user, including admins, can view the meeting room, enabling cooki...