Vulnerabilities > Jitsi > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-08 | CVE-2022-36736 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Jitsi 2.10.5550 Jitsi-2.10.5550 was discovered to contain a vulnerability in its web UI which allows attackers to perform a clickjacking attack via a crafted HTTP request. | 6.1 |
| 2021-04-14 | CVE-2021-26812 | Cross-site Scripting vulnerability in Jitsi Meet Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the "sessionpriv.php" module. | 6.1 |
| 2017-02-09 | CVE-2017-5603 | Origin Validation Error vulnerability in Jitsi 2.5.5061/2.9.5544 An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. | 5.9 |