Mustafa Sanli

**Name of the Vulnerable Software and Affected Versions** Jitsi Meet versions prior to 2.0.9779 **Description** The issue is related to the insecure implementation of the video file sharing functionality in Jitsi Meet. This allows a remote attacker to load arbitrary video files if a message from another participant contains a URL encoded in the expected format. **Recommendations** For versions prior to 2.0.9779, update to version 2.0.9779 or later to resolve the issue. As a temporary workaround, consider restricting the use of the video file sharing feature until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Jitsi Meet versions prior to 2.0.9779 **Description** The issue is related to the insecure implementation of the image sharing functionality using giphy in Jitsi Meet. This allows clients to load GIFs from any arbitrary URL if a message from another participant contains a URL encoded in the expected format. The vulnerability can be exploited by a remote attacker to load arbitrary GIF files. **Recommendations** For versions prior to 2.0.9779, update to version 2.0.9779 or later to resolve the issue. As a temporary workaround, consider disabling the giphy image sharing functionality until a patch is available. Restrict access to the giphy feature to minimize the risk of exploitation. Avoid using the giphy feature in Jitsi Meet until the issue is resolved.