漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
BigBlueButton Unrestricted File Upload vulnerability
Vulnerability Description
BigBlueButton is an open-source virtual classroom. BigBlueButton prior to version 2.6.0-beta.2 is vulnerable to unrestricted file upload, where the insertDocument API call does not validate the given file extension before saving the file, and does not remove it in case of validation failures. BigBlueButton 2.6.0-beta.2 contains a patch. There are no known workarounds.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
BigBlueButton 代码问题漏洞
Vulnerability Description
BigBlueButton是BigBlueButton社区的一套开源的Web会议系统。 BigBlueButton 2.6.0之前版本存在代码问题漏洞,该漏洞源于insertDocument API存在文件上传漏洞。
CVSS Information
N/A
Vulnerability Type
N/A