CVE-2024-38273
June 18, 2024, 8:15 p.m.
Tags
Product(s) Impacted
BigBlueButton
Description
Insufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access.
Weaknesses
CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE ID: 284Date
Published: June 18, 2024, 8:15 p.m.
Last Modified: June 18, 2024, 8:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
patrick@puiterwijk.org
References
https://moodle.org/
patrick@puiterwijk.org