If you believe you have found a security vulnerability in BigBlueButton or its ecosystem (Greenlight, plugins, etc) please let us know directly by
- using GitHub's "Report a vulnerability" functionality on https://github.com/bigbluebutton/bigbluebutton/security/advisories
- or e-mailing security@bigbluebutton.org with as much detail as possible.
Regards,... BigBlueButton Team