CVE-2025-62613

Name of the Vulnerable Software and Affected Versions VDO.Ninja versions 28.0 through 28.3

Description VDO.Ninja is a tool used to integrate remote video feeds into studio software via WebRTC. A reflected Cross-Site Scripting (XSS) issue exists in the examples/control.html file through the room parameter. The application does not properly sanitize input before rendering it in the Document Object Model (DOM), which allows for the injection and execution of malicious scripts.

Recommendations Update to version 28.4 or later.