Lucene search

K

Meet Security Vulnerabilities

cve
cve

CVE-2024-30437

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPPOOL Webinar and Video Conference with Jitsi Meet allows Stored XSS.This issue affects Webinar and Video Conference with Jitsi Meet: from n/a through...

6.5CVSS

9.1AI Score

0.0004EPSS

2024-03-29 06:15 PM
41
cve
cve

CVE-2004-2629

Multiple vulnerabilities in the H.323 protocol implementation for First Virtual Communications Click to Meet Express (when used with H.323 conferencing endpoints), Click to Meet Premier, Conference Server, and V-Gate allow remote attackers to cause a denial of service, as demonstrated by the...

7AI Score

0.005EPSS

2022-10-03 04:14 PM
25
cve
cve

CVE-2022-37339

Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Meet My Team plugin <= 2.0.5 at...

5.4CVSS

5.2AI Score

0.001EPSS

2022-09-23 02:15 PM
34
2
cve
cve

CVE-2021-39215

Jitsi Meet is an open source video conferencing application. In versions prior to 2.0.5963, a Prosody module allows the use of symmetrical algorithms to validate JSON web tokens. This means that tokens generated by arbitrary sources can be used to gain authorization to protected rooms. This issue.....

7.5CVSS

7.4AI Score

0.001EPSS

2021-09-15 06:15 PM
26
cve
cve

CVE-2021-39205

Jitsi Meet is an open source video conferencing application. Versions prior to 2.0.6173 are vulnerable to client-side cross-site scripting via injecting properties into JSON objects that were not properly escaped. There are no known incidents related to this vulnerability being exploited in the...

6.8CVSS

5.8AI Score

0.001EPSS

2021-09-15 06:15 PM
28
2
cve
cve

CVE-2021-33506

jitsi-meet-prosody in Jitsi Meet before 2.0.5963-1 does not ensure that restrict_room_creation is set by default. This can allow an attacker to circumvent conference...

7.5CVSS

7.4AI Score

0.001EPSS

2021-05-26 03:15 PM
27
7
cve
cve

CVE-2021-26812

Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows attackers to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the...

6.1CVSS

6AI Score

0.005EPSS

2021-04-14 02:15 PM
20
2
cve
cve

CVE-2020-25019

jitsi-meet-electron (aka Jitsi Meet Electron) before 2.3.0 calls the Electron shell.openExternal function without verifying that the URL is for an http or https resource, in some...

7.5CVSS

7.5AI Score

0.001EPSS

2020-08-29 05:15 PM
30
cve
cve

CVE-2020-11878

The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before stable-4384-1 uses default passwords (such as passw0rd) for system...

9.8CVSS

9.5AI Score

0.002EPSS

2020-04-17 04:15 PM
106
cve
cve

CVE-2014-5732

The Wamba - meet women and men (aka com.wamba.client) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...

6AI Score

0.0005EPSS

2014-09-09 10:55 AM
17
cve
cve

CVE-2014-5579

The Anywhere Pad-Meet, Collaborate (aka com.azeus.anywherepad) application 4.0.1031 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...

6AI Score

0.001EPSS

2014-09-09 01:55 AM
23
cve
cve

CVE-2008-6066

Multiple PHP remote file inclusion vulnerabilities in Meet#Web 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) modules.php, (2) ManagerResource.class.php, (3) ManagerRightsResource.class.php, (4) RegForm.class.php, (5) RegResource.class.php, and....

7.6AI Score

0.028EPSS

2009-02-05 02:30 AM
17
cve
cve

CVE-2008-2812

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3)...

7.8CVSS

7.5AI Score

0.0004EPSS

2008-07-09 12:41 AM
50
10