Jitsi · Jitsi-Meet-Electron · CVE-2020-25019
**Name of the Vulnerable Software and Affected Versions**
jitsi-meet-electron versions prior to 2.3.0
**Description**
The issue arises when the Electron shell.openExternal function is called without verifying that the URL is for an http or https resource, under certain circumstances.
**Recommendations**
For versions prior to 2.3.0, update to version 2.3.0 or later to resolve the issue.