A vulnerability was found in BigBlueButton Greenlight up to 2.12.x. It has been classified as problematic. This affects an unknown part of the component Login Page. The manipulation of the argument return_to leads to open redirect.
This vulnerability is uniquely identified as CVE-2022-36028. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.