CVE-2026-27736

{"id": "CVE-2026-27736", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2026-27736", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-26T21:07:12.375891Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "affected": [{"source": "security-advisories@github.com", "affectedData": [{"vendor": "bigbluebutton", "product": "bigbluebutton", "versions": [{"status": "affected", "version": ">= 3.0.0, < 3.0.20"}]}]}], "published": "2026-02-25T17:25:40.283", "references": [{"url": "https://github.com/bigbluebutton/bigbluebutton/commit/691f92f3af0d6b796b91cb968977068663119812", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-65cv-rg9f-qqrx", "tags": ["Patch", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-601"}]}], "descriptions": [{"lang": "en", "value": "BigBlueButton is an open-source virtual classroom. In versions on the 3.x branch prior to 3.0.20, the string received with errorRedirectUrl lacks validation, using it directly in the respondWithRedirect function leads to an Open Redirect vulnerability. BigBlueButton 3.0.20 patches the issue. No known workarounds are available."}, {"lang": "es", "value": "BigBlueButton es un aula virtual de c\u00f3digo abierto. En versiones de la rama 3.x anteriores a la 3.0.20, la cadena recibida con errorRedirectUrl carece de validaci\u00f3n, usarla directamente en la funci\u00f3n respondWithRedirect conduce a una vulnerabilidad de redirecci\u00f3n abierta. BigBlueButton 3.0.20 corrige el problema. No se conocen soluciones alternativas disponibles."}], "lastModified": "2026-06-17T10:27:34.667", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC6C16D8-2543-43E9-8F1B-632501E23028", "versionEndExcluding": "3.0.20"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}