CVE-2020-27612
Greenlight in BigBlueButton through 2.2.8 places usernames in room URLs, which may represent an unintended information leak to users in a room, or an information leak to outsiders if any user publishes a screenshot of a browser window.
Source: CVE-2020-27612