BigBlueButton < 2.2.4 - Reflected Cross-Site Scripting (XSS)



Description
"XSS via closed captions because dangerouslySetInnerHTML in React is used."

Affects Plugin

fixed in version 2.2.4

References

CVE 2020-12113
URL https://github.com/bigbluebutton/bigbluebutton/releases/tag/v2.2.4

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Views 296
Verified No
WPVDB ID 10196

Timeline

Publicly Published 2020-04-09 (about 2 months ago)
Added 2020-04-28 (27 days ago)
Last Updated 2020-04-29 (26 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin