2020-04-23 17:53:47
mitre
PUBLISHED
BigBlueButton before 2.2.4 allows XSS via closed captions because dangerouslySetInnerHTML in React is used.