CNNVD-202511-1527 Information

CNNVD ID

CNNVD-202511-1527

Related CVE

CVE-2025-64754

• CNNVD Published: 2025-11-13

Description (Chinese)

Jitsi Meet是Jitsi开源的一组开源项目。使用户能够使用和部署具有最先进视频质量和功能的视频会议平台。 Jitsi Meet 2.0.10532之前版本存在输入验证错误漏洞，该漏洞源于Microsoft账户OAuth认证窗口可能被劫持，可能导致身份验证绕过。

Description (English)

Jitsi Meet is an open-source group of Jitsi open-source projects. Enable users to use and deploy videoconferencing platforms with state-of-the-art video quality and functionality. The previous version of Jitsi Meet 2.0.10532 had an input authentication error loophole, which stemmed from the possibility that the Microsoft Account OAuth authentication window might be hijacked and could lead to the identification being bypassed.

Hazard Level

Critical

Vulnerability Type

输入验证错误

Affected Vendor

Jitsi

Published

2025-11-13

Last Modified

2026-02-24

References

https://github.com/jitsi/jitsi-meet/security/advisories/GHSA-5fx7-wgcr-fj78 https://access.redhat.com/security/cve/cve-2025-64754