CVE-2020-27603
BigBlueButton prior to 2.2.27 is affected by an unsafe JODConverter setting that allows LibreOffice document conversions to access external files. The root cause is the JODConverter configuration used during server-side rendering, enabling potential data exfiltration via LibreOffice processing. T...