{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T17:39:11.923","vulnerabilities":[{"cve":{"id":"CVE-2021-39205","sourceIdentifier":"security-advisories@github.com","published":"2021-09-15T18:15:09.187","lastModified":"2024-11-21T06:18:53.790","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jitsi Meet is an open source video conferencing application. Versions prior to 2.0.6173 are vulnerable to client-side cross-site scripting via injecting properties into JSON objects that were not properly escaped. There are no known incidents related to this vulnerability being exploited in the wild. This issue is fixed in Jitsi Meet version 2.0.6173. There are no known workarounds aside from upgrading."},{"lang":"es","value":"Jitsi Meet es una aplicación de videoconferencia de código abierto. Las versiones anteriores a 2.0.6173 son vulnerables a un ataque de tipo  cross-site scripting del lado del cliente por medio de una inyección de propiedades en objetos JSON que no fueron escapados correctamente. No se conocen incidentes relacionados con la explotación de esta vulnerabilidad. Este problema ha sido corregido en la versión 2.0.6173 de Jitsi Meet. No se conocen soluciones aparte de la actualización"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-1321"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-1321"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:8x8:jitsi_meet:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.6173","matchCriteriaId":"A30F6747-14E8-411D-94A2-CD50253107CD"}]}]}],"references":[{"url":"https://github.com/jitsi/jitsi-meet/pull/9320","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/jitsi/jitsi-meet/pull/9404","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/jitsi/jitsi-meet/security/advisories/GHSA-6582-8v9q-v3fg","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://hackerone.com/reports/1214493","source":"security-advisories@github.com","tags":["Permissions Required"]},{"url":"https://github.com/jitsi/jitsi-meet/pull/9320","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/jitsi/jitsi-meet/pull/9404","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/jitsi/jitsi-meet/security/advisories/GHSA-6582-8v9q-v3fg","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://hackerone.com/reports/1214493","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]}]}}]}