Open mal-tee opened 5 months ago
This issue is fixed in our fork: https://github.com/blindsidenetworks/wordpress-plugin_bigbluebutton/commit/1c0c97401eb5fbc91c541a61b3217555322a16ca
Dear maintainer(s),
I am getting in touch again to ask you for a security contact. We want to disclose a (potential) security vulnerability in your project responsibly. Feel free to respond with your preferred method of disclosure in this issue or via email: ias-disclosure@tu-braunschweig.de
Please note that we anticipate to release our findings later this year.
Thank You
This issue is fixed in our fork: 1c0c974
This fix seem unrelated to the issue we found.
So the issue you found is not the one described in: https://wpscan.com/vulnerability/8bb35d84-47c1-4b26-b6f2-6cf97e358c9b/ ? Can you post the WPVDB entry related to the issue you found?
Can you post the WPVDB entry related to the issue you found?
There is none. I am trying to disclose this issue atm.
If you can provide me with a link to your fork and, I can check if persist there as well.
That's our fork: https://github.com/konnektiv/wordpress-plugin_bigbluebutton
Hello maintainer(s),
I am a security researcher from the Institute of Application Security at TU Braunschweig, Germany. We discovered a (potential) security vulnerability in your project.
We would like to report this vulnerability to you in a responsible and ethical manner. Therefore, we do not want to disclose any details of the vulnerability publicly until you have had a chance to review and fix it.
Could you please let us know your prefered way of receiving security reports?
You can contact us at ias-disclosure@tu-braunschweig.de or by replying to this issue.
Thank you for your attention and cooperation.