4 matches found
CVE-2025-62613
VDO.Ninja (versions 28.0–28.3) is affected by a reflected XSS in examples/control.html via the room parameter. The issue arises from improper sanitization before rendering in the DOM, due to insufficient input validation/encoding. The vulnerability could allow script execution in the context of t...
CVE-2025-62613 VDO.Ninja Reflected XSS Vulnerability in control.html
VDO.Ninja is a tool that brings remote video feeds into OBS or other studio software via WebRTC. From versions 28.0 to before 28.4, a reflected Cross-Site Scripting XSS vulnerability exists on examples/control.html through the room parameter, which is improperly sanitized before being rendered in...
CVE-2025-62613 VDO.Ninja Reflected XSS Vulnerability in control.html
VDO.Ninja is a tool that brings remote video feeds into OBS or other studio software via WebRTC. From versions 28.0 to before 28.4, a reflected Cross-Site Scripting XSS vulnerability exists on examples/control.html through the room parameter, which is improperly sanitized before being rendered in...
PT-2025-43408
Name of the Vulnerable Software and Affected Versions VDO.Ninja versions 28.0 through 28.3 Description VDO.Ninja is a tool used to integrate remote video feeds into studio software via WebRTC. A reflected Cross-Site Scripting XSS issue exists in the examples/control.html file through the room...