A vulnerability, which was classified as problematic , has been found in WWBN AVideo up to 29.0 . Impacted is an unknown function of the file plugin/Meet/iframe.php of the component URL Handler . Performing a manipulation results in cross site scripting. This vulnerability is known as CVE-2026-43878 . Remote exploitation of the attack is possible. No exploit is available. It is recommended to apply a patch to fix this issue.