cve/2020/CVE-2020-27603.md

CVE-2020-27603

Description

BigBlueButton before 2.2.27 has an unsafe JODConverter setting in which LibreOffice document conversions can access external files.

POC

Reference

No PoCs from references.

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/developer3000S/PoC-in-GitHub
• https://github.com/hannob/CVE-2020-27603-bbb-libreoffice-poc
• https://github.com/hectorgie/PoC-in-GitHub
• https://github.com/nomi-sec/PoC-in-GitHub