25 matches found
BigBlueButton Cross-Site Scripting Vulnerability
BigBlueButton is an open source web conferencing system from the BigBlueButton community. A cross-site scripting vulnerability exists in BigBlueButton versions prior to 3.0.13, which stems from improper sanitization of the user name field in the Shared Notes feature, and could lead to a stored...
PT-2025-41453
Name of the Vulnerable Software and Affected Versions: BigBlueButton versions prior to 3.0.13. Description: BigBlueButton, an open-source virtual classroom, has a Stored Cross-Site Scripting (XSS) issue in the "Shared Notes" feature. The input location for this issue is the Username field, and the...
EUVD-2019-3788
Malware in sbrugna...
Cross-site Scripting (XSS) - Generic in bigbluebutton/bigbluebutton
Description: Shared notes panel is vulnerable to XSS when rendering a new note, due to missing username sanitization. Proof of Concept: 1. Start a new web conference and share the link with other people. 2. A malicious user joins the conference with the following username: 3. As soon as the...
CVE-2019-12137
Typora 0.9.9.24.6 on macOS allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note...