Unrated severityNVD Advisory· Published Apr 14, 2021· Updated Aug 3, 2024
CVE-2021-26812
CVE-2021-26812
Description
Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows attackers to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Jitsi Meet/Jitsi Meet plugin for Moodledescription
- Range: >= 2.7, <= 2.8.3
Patches
Vulnerability mechanics
References
1- github.com/udima-university/moodle-mod_jitsi/issues/67mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.