CVE-2025-55200 BigBlueButton vulnerable to Stored XSS via name of user at Shared Notes

BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.13, the "Shared Notes" feature contains a Stored Cross-Site Scripting XSS vulnerability with the input location being the "Username" field and the output location on the "Shared Notes" page, when a user with a malicious...