Security Advisory

CVE-2021-26812

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-14 13:55:47

Last updated 2024-08-03 20:33:40

Assigner mitre

State PUBLISHED

Description

Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows attackers to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the application.

← Browse all CVEs View on cve.org ↗