Thm Pilos

5 CVEs affecting Thm Pilos. Latest disclosed: 2026-01-12. Critical: 0, High: 1.

Top CVEs affecting Thm Pilos
CVESeverityScorePublishedSummary
CVE-2023-47107High8.82023-11-08PILOS is an open source front-end for BigBlueButton servers with a built-in load balancer. The password reset component deployed within PILOS uses the hostname…
CVE-2025-62523Medium6.32025-10-27PILOS (Platform for Interactive Live-Online Seminars) is a frontend for BigBlueButton. PILOS before 4.8.0 includes a Cross-Origin Resource Sharing (CORS) misco…
CVE-2025-62524Medium5.32025-10-27PILOS (Platform for Interactive Live-Online Seminars) is a frontend for BigBlueButton. PILOS before 4.8.0 exposes the PHP version via the X-Powered-By header…
CVE-2025-62781Medium5.02025-10-27PILOS (Platform for Interactive Live-Online Seminars) is a frontend for BigBlueButton. Prior to 4.8.0, users with a local account can change their password whi…
CVE-2026-22800Low2.42026-01-12PILOS (Platform for Interactive Live-Online Seminars) is a frontend for BigBlueButton. Prior to 4.10.0, Cross-Site Request Forgery (CSRF) vulnerability exists…