CVE-2024-38518 bbb-web API additional parameters considered

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker with a valid join link to a meeting can trick BigBlueButton into generating a signed join link with additional parameters. One of those parameters may be "role=moderator", allowing an...

PT-2024-28046 · Unknown · Bigbluebutton

Name of the Vulnerable Software and Affected Versions: BigBlueButton versions prior to 2.6.18 BigBlueButton versions prior to 2.7.8 BigBlueButton versions prior to 3.0.0-alpha.7 Description: BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An...