CVE-2024-44731

Oct. 15, 2024, 12:57 p.m.

Tags

cve@mitre.org
2024-10-11
CVE-2024-44731

Product(s) Impacted

Mirotalk

  • before commit 9de226

Description

Mirotalk before commit 9de226 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary code via sending crafted payloads in messages to other users over RTC connections.

Weaknesses

Date

Published: Oct. 11, 2024, 5:15 p.m.

Last Modified: Oct. 15, 2024, 12:57 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://aware7.com/de/blog/schwachstellen-in-videokonferenzsystemen/
cve@mitre.org
https://github.com/miroslavpejic85
cve@mitre.org
https://github.com/miroslavpejic85/mirotalk
cve@mitre.org
https://github.com/miroslavpejic85/mirotalksfu/blob/main/SECURITY.md
cve@mitre.org