Open Redirect in Jitsi Jitsi-meet
CVE-2025-64754
Jitsi Meet is an open source video conferencing application. A vulnerability present in versions prior to 2.0.10532 allows attackers to hijack the OAuth authentication window for Microsoft accounts. This is fixed in version 2.0.10532. No k…
Vulnerability class: Open Redirect
EPSS: 0.004 (35.4th percentile) — read the EPSS interpretation.
Affected products
- Jitsi Jitsi-meet — versions < 2.0.10532
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)