PT-2021-22457 · Unknown · Jitsi Meet

Damencho +1 · Published 2021-09-15 · Updated 2022-09-10 · CVE-2021-39205

CVSS v3.1: 6.8 Medium

Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Jitsi Meet versions prior to 2.0.6173

Description

Jitsi Meet is an open source video conferencing application. The issue arises from client-side cross-site scripting via injecting properties into JSON objects that were not properly escaped. There are no known incidents related to this vulnerability being exploited in the wild.

Recommendations

For versions prior to 2.0.6173, upgrade to version 2.0.6173 to resolve the issue. At the moment, there is no information about other workarounds aside from upgrading.

Fix

Prototype Pollution

XSS

Weakness Enumeration

Related Identifiers

CVE-2021-39205
GHSA-6582-8V9Q-V3FG

Affected Products

Jitsi Meet