Loading
Generated remediation guidance and an executive summary. No account required.
BigBlueButton is an open source web conferencing system. This vulnerability only affects release candidates of BigBlueButton 2.4. The attacker can start a subscription for poll results before starting an anonymous poll, and use this subscription to see individual responses in the anonymous poll. The attacker had to be a meeting presenter. This issue is patched in version 2.4.0. There are no workarounds.
Cite this page
CVE-2022-41964. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2022-41964
Use CWE-200, Bigbluebutton vendor hub and Bigbluebutton product page to widen CVE-2022-41964 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2025-61602, CVE-2025-61601 and CVE-2026-27466 for nearby disclosures in the same product family.