VYPR
Unrated severityNVD Advisory· Published Apr 14, 2021· Updated Aug 3, 2024

CVE-2021-26812

CVE-2021-26812

Description

Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows attackers to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the application.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Jitsi Meet/Jitsi Meet plugin for Moodledescription
  • Jitsi/Jitsi Meetllm-fuzzy
    Range: >= 2.7, <= 2.8.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.