Lucene search
Greenlight Security Vulnerabilities - 2020
cve
BigBlueButton Greenlight before 2.5.6 allows HTTP header (Host and Origin) attacks, which can result in Account Takeover if a victim follows a spoofed password-reset link.
8.8CVSS
8.6AI Score
0.005EPSS
2020-09-30 06:15 PM
23
cve
A cross-site scripting (XSS) vulnerability exists in the 'merge account' functionality in admins.js in BigBlueButton Greenlight 2.7.6.
6.1CVSS
5.9AI Score
0.001EPSS
2020-10-22 01:15 PM
19