Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-26812 PoC — 8X8 Docker Jitsi Meet 跨站脚本漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-26812.yaml
Associated Vulnerability
Title:8X8 Docker Jitsi Meet 跨站脚本漏洞 (CVE-2021-26812)
Description:8X8 Docker Jitsi Meet是美国8x8(8X8)公司的一款用于在Docker构建Jitsi Meet视频会议解决方案的工具。 Jitsi Meet 2.7版本至2.8.3版本存在跨站脚本漏洞,该漏洞源于sessionprivi .php模块。
Description
Moodle Jitsi Meet 2.7 through 2.8.3 plugin contains a cross-site scripting vulnerability via the "sessionpriv.php" module. This allows attackers to craft a malicious URL, which when clicked on by users, can inject JavaScript code to be run by the application.
File Snapshot

 id: CVE-2021-26812

info:
  name: Moodle Jitsi Meet 2.7-2.8.3 - Cross-Site Scripting
  author: acese

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.