Moodle · Jitsi Meet · CVE-2021-26812
Name of the Vulnerable Software and Affected Versions:
Jitsi Meet plugin for Moodle versions 2.7 through 2.8.3
Description:
An attacker can craft a malicious URL that, when a user clicks it, injects JavaScript code to be run by the application. This is achieved through a cross-site scripting (XSS) flaw in the `sessionpriv.php` module.
Recommendations:
For versions 2.7 through 2.8.3, to prevent potential exploitation, consider disabling the `sessionpriv.php` module until a patch is available.