Hi,
It has come to our attention that there might be a serious security issue with BBB recordings. This seems to be an already known issue which is why I’m not going through the trouble of doing a specific disclosure here.
My question is: how can we tell which recordings there are on our server?
If I look in /admins/recordings on our instance, I see only public recordings which is a relief, but if I search for a recording, i find more!
How do you manage recordings to make sure they are not publicly accessible? And how do you deal with the issue that recordings are done even though the recording button has not been pressed?
Thanks for any feedback.
