CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-43550

A command injection vulnerability exists in Jitsi before commit 8aa7be58522f4264078d54752aae5483bfd854b2 when launching browsers on Windows which could allow an attacker to insert an arbitrary URL which opens up the opportunity to remote execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.021

EPSS Ranking 83.1%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/jitsi/jitsi/commit/8aa7be58522f4264078d54752aae5483bfd854b2
https://github.com/jitsi/jitsi/commit/8aa7be58522f4264078d54752aae5483bfd854b2

Products affected by CVE-2022-43550

Jitsi » Jitsi » Version: 2.10.5550

cpe:2.3:a:jitsi:jitsi:2.10.5550
Jitsi » Jitsi » Version: 2.5.5061

cpe:2.3:a:jitsi:jitsi:2.5.5061
Jitsi » Jitsi » Version: 2.9.5544

cpe:2.3:a:jitsi:jitsi:2.9.5544
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-43550

Products

Pricing

Contact Us