Farhatahmad

**Name of the Vulnerable Software and Affected Versions** BigBlueButton Greenlight version 2.7.6 **Description** A cross-site scripting (XSS) issue exists in the 'merge account' functionality in admins.js. This could potentially allow for malicious script execution. **Recommendations** For BigBlueButton Greenlight version 2.7.6, consider disabling the 'merge account' functionality in admins.js until a patch is available to prevent potential exploitation.