CVE-2021-26812
14.04.2021, 14:15
Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows attackers to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the application.
| Vendor | Product | Version |
|---|---|---|
| jitsi | meet | 2.7 ≤ 𝑥 ≤ 2.8.3 |
𝑥
= Vulnerable software versions