29Haz
CVE-2024-39302 | BigBlueButton up to 2.6.17/2.7.7/3.0.0-alpha6 resque-2.6.0 privileges management (GHSA-5966-9hw8-q96q)
A vulnerability was found in BigBlueButton up to 2.6.17/2.7.7/3.0.0-alpha6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0. The manipulation leads to improper privilege management. This vulnerability is known as CVE-2024-39302. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.