Vulnerabilities (CVE)

Filtered by vendor Jitsi Subscribe
Filtered by product Meet
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-26812 1 Jitsi 1 Meet 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows attackers to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the application.
CVE-2020-11878 1 Jitsi 1 Meet 2024-11-21 7.5 HIGH 9.8 CRITICAL
The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before stable-4384-1 uses default passwords (such as passw0rd) for system accounts.