Mirotalk P2p Security Vulnerabilities and Issues — Mirotalk P2p CVE List

Lucene search

MirotalkMirotalk P2p

4 matches found

CVE•added 2023/03/22 10:15 p.m.•37 views

CVE-2023-27054

A cross-site scripting (XSS) vulnerability in MiroTalk P2P before commit f535b35 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the settings module.

6.1CVSS5.8AI score0.00333EPSS

CVE•added 2024/10/11 4:15 p.m.•33 views

CVE-2024-44730

Incorrect access control in the function handleDataChannelChat(dataMessage) of Mirotalk before commit c21d58 allows attackers to forge chat messages using an arbitrary sender name.

9.1CVSS7.1AI score0.00075EPSS

CVE•added 2024/10/11 5:15 p.m.•33 views

CVE-2024-44734

Incorrect access control in Mirotalk before commit 9de226 allows attackers to arbitrarily change usernames via sending a crafted roomAction request to the server.

7.5CVSS6.9AI score0.00067EPSS

CVE•added 2024/10/11 4:15 p.m.•30 views

CVE-2024-44729

Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226 allows unauthenticated attackers without presenter privileges to arbitrarily eject users from a meeting.

7.5CVSS7AI score0.00246EPSS