libjitsi icon indicating copy to clipboard operation
libjitsi copied to clipboard
verified publisher icon jitsi

numerous issues identified by lgtm.com/

Open richterdavid opened this issue 5 years ago • 0 comments

https://lgtm.com/search?q=jitsi identifies numerous errors in libjitsi and other projects under http://github.com/jitsi. While a number are minor (e.g., no-op variable assignments), others are more concerning, including potential XSS and array index out of bound reads.

Despite the potential disclosure of an XSS, I'm filing this as a normal issue because:

  1. any issues listed are already in the public: anyone can query lgtm.com
  2. jitsi does not have a security policy requesting a different way to submit security issues (https://github.com/jitsi/libjitsi/security)

richterdavid avatar May 17 '20 22:05 richterdavid