A vulnerability was found in AVideo. It has been classified as problematic. This vulnerability affects unknown code of the file getMeetInfo.json.php of the component Meet Plugin. This manipulation of the argument User-Agent causes cross site scripting.
This vulnerability is registered as CVE-2026-60092. Remote exploitation of the attack is possible. No exploit is available.