exploitDog

GHSA-w2p3-47c3-r8h2

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as demonstrated by accepting control characters in a user name.

web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as demonstrated by accepting control characters in a user name.

Ссылки

EPSS

Процентиль: 59%

0.00383

Низкий

CVE ID

Дефекты

CWE-116

Связанные уязвимости

CVE-2020-28954

CVSS3: 5.3

nvd

около 5 лет назад

web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as demonstrated by accepting control characters in a user name.

EPSS

Процентиль: 59%

0.00383

Низкий

CVE ID

Дефекты

CWE-116