Jitsi Desktop Client RCE By Interacting with Malicious URL Schemes on Windows
High
8
8x8 Bounty
Team Summary
Official summary from 8x8 Bounty
A command injection vulnerability exists in Jitsi before commit [8aa7be58522f4264078d54752aae5483bfd854b2](https://github.com/jitsi/jitsi/commit/8aa7be58522f4264078d54752aae5483bfd854b2) when launching browsers on Windows which could allow an attacker to insert an arbitrary URL which opens up the opportunity for remote execution. We thank @ex0dus-0x for submitting this report to us. Ref: CVE-2022-43550
Reported by
ex0dus-0x
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$777.00
Weakness
OS Command Injection
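
The summary above describes an attacker-supplied URL reaching the code that launches a browser on Windows. The following is an added defensive example, not code from the Jitsi project or from the referenced commit: it assumes only `http` and `https` links ever need to be opened, and the class name, method names and sample inputs are constructed for illustration.

```java
import java.awt.Desktop;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.List;
import java.util.Locale;
import java.util.Set;

public class SafeBrowserLaunch {
    // Assumption: only web links are ever handed to the browser.
    private static final Set<String> ALLOWED_SCHEMES = Set.of("http", "https");

    /** Returns the parsed URI if it is safe to open; throws otherwise. */
    static URI validate(String untrusted) {
        final URI uri;
        try {
            // Strict parse: spaces, quotes and other illegal characters are rejected.
            uri = new URI(untrusted.trim());
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException("not a valid URI", e);
        }
        String scheme = uri.getScheme();
        if (scheme == null || !ALLOWED_SCHEMES.contains(scheme.toLowerCase(Locale.ROOT))) {
            throw new IllegalArgumentException("scheme not allowed: " + scheme);
        }
        if (uri.getHost() == null || uri.getHost().isEmpty()) {
            throw new IllegalArgumentException("missing host");
        }
        return uri;
    }

    /** Opens a validated URI through the platform API, never via a command string. */
    static void open(String untrusted) throws IOException {
        URI uri = validate(untrusted);
        if (Desktop.isDesktopSupported() && Desktop.getDesktop().isSupported(Desktop.Action.BROWSE)) {
            Desktop.getDesktop().browse(uri);
        }
    }

    public static void main(String[] args) {
        // Constructed sample inputs: two web links, a local-file scheme, a script
        // scheme, and a link carrying characters a command line would interpret.
        for (String s : List.of("https://meet.jit.si/room", "HTTP://example.org/",
                "file:///C:/Users/Public/sample.exe", "javascript:void(0)",
                "https://example.org/a b\"&c")) {
            try { System.out.println("accepted: " + validate(s)); }
            catch (IllegalArgumentException e) { System.out.println("rejected: " + s + " (" + e.getMessage() + ")"); }
        }
    }
}
```

Running `main` validates the samples without opening anything: only the two web links are accepted.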