Vulnerabilities

CVE-2020-12112

by Fred · 23/04/2020

BigBlueButton before 2.2.5 allows remote attackers to obtain sensitive files via Local File Inclusion.

Date published : 2020-04-23

https://github.com/bigbluebutton/bigbluebutton/compare/v2.2.4…v2.2.5

Yes, the fix to the reported vulnerability (thanks to @thibeault_chenu for responsible disclosure) is in 2.2.5. You can see your version by running 'sudo bbb-conf –check' on the your BigBlueButton server and you should update accordingly.

— BigBlueButton (@bigbluebutton) April 21, 2020

Similar

Tags: Cybersecurity Alert