CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jitsi: >> Meet Security Vulnerabilities

CVE-2021-26812

Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows attackers to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the application.

CVSS Score

6.1

EPSS Score

0.191

Published

2021-04-14

CVE-2020-11878

The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before stable-4384-1 uses default passwords (such as passw0rd) for system accounts.

CVSS Score

9.8

EPSS Score

0.004

Published

2020-04-17

Page 1

Vulnerabilities

Vulnerable Software

Jitsi: >> Meet Security Vulnerabilities

Products

Pricing

Contact Us