5 matches found
CVE-2025-66824
A Stored Cross-Site Scripting XSS vulnerability exists in the Meeting location field of the Create/Edit Conference functionality in TrueConf Server v5.5.2.10813. The injected payload is stored via the meetingroom parameter and executed when users visit the Conference Info page, allowing attackers...
TrueConf Server 安全漏洞
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. A security vulnerability exists in TrueConf Server version 5.5.2.10813, which stems from improper cleanup of user input in the Meeting Location field and could lead to a stored cross-site...
PT-2025-54215
Name of the Vulnerable Software and Affected Versions TrueConf Server version 5.5.2.10813 Description A Stored Cross-Site Scripting XSS issue exists in the Meeting location field within the Create/Edit Conference functionality. The issue is due to improper sanitization of user-supplied input in t...
CVE-2025-66824
TrueConf Server v5.5.2.10813 is affected by a Stored XSS in the Meeting location field (Create/Edit Conference) where input in the meeting_room parameter is stored and executed on the Conference Info page, enabling full Account Takeover (ATO). Root cause: improper sanitization of user-supplied in...
Security update 1970-01-01
...