CVE-2025-61602 | BigBlueButton up to 3.0.12 GraphQL Mutation chatSendMessageReaction reactionEmojiId improper check or handling of exceptional conditions

A vulnerability classified as problematic has been found in BigBlueButton up to 3.0.12. This impacts the function chatSendMessageReaction of the component GraphQL Mutation Handler. The manipulation of the argument reactionEmojiId leads to improper check or handling of exceptional conditions.

This vulnerability is traded as CVE-2025-61602. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More