Jitsi Meet vulnerabilities
2 known vulnerabilities affecting jitsi/meet.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-26812P3MEDIUMCVSS 6.1PoC≥ 2.7, ≤ 2.8.32021-04-14
CVE-2021-26812 [MEDIUM] CWE-79 CVE-2021-26812: Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the "sessionpri
Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows attackers to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the application.
nvd
CVE-2020-11878P3CRITICALCVSS 9.8fixed in stable-4384-12020-04-17
CVE-2020-11878 [CRITICAL] CWE-798 CVE-2020-11878: The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before stable-4384-1 uses default passwords (
The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before stable-4384-1 uses default passwords (such as passw0rd) for system accounts.
nvd