Greenlight Security Vulnerabilities and Issues — Greenlight CVE List

Lucene search

BigbluebuttonGreenlight

2 matches found

CVE•added 2020/09/30 6:15 p.m.•31 views

CVE-2020-26163

BigBlueButton Greenlight before 2.5.6 allows HTTP header (Host and Origin) attacks, which can result in Account Takeover if a victim follows a spoofed password-reset link.

8.8CVSS8.6AI score0.00484EPSS

CVE•added 2020/10/22 1:15 p.m.•27 views

CVE-2020-27642

A cross-site scripting (XSS) vulnerability exists in the 'merge account' functionality in admins.js in BigBlueButton Greenlight 2.7.6.

6.1CVSS5.9AI score0.00328EPSS