Jitsi privacy flaw that enables one-click stealth audio and video capture
Jitsi is an open-source web conferencing application. Jitsi also hosts a public instance, with millions of monthly active users. Let’s walk through an example. An attacker runs a meeting called `MiniGinger` on the public Jitsi instance meet.jit.si. When a user visits the attacker-controlled webpage `CuteCats.com`, in the background they are redirected to:

https://meet.jit.si/MiniGinger#config.prejoinConfig.enabled=false

If the user visited any other Jitsi meeting before and allowed it to access the...
Read more at zimzi.substack.com
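
A link filter (in a chat or mail gateway, or a browser extension) can spot the fragment override shown above before a user opens the link. The following is an added example, not code from the original post or from Jitsi; it assumes overrides are `&`-separated `key=value` pairs in the URL fragment, the function names are hypothetical, and it generalizes slightly by listing every `config.` override rather than only the one named here.

```javascript
// Added example: inspect a Jitsi meeting link for config overrides in its fragment.
// Assumption: overrides are '&'-separated key=value pairs, as in the URL on this page.
const RISKY_KEYS = new Set(['config.prejoinConfig.enabled']); // key named on this page

// Split the fragment into decoded { key, value } pairs.
function parseOverrides(link) {
  const url = new URL(link);
  const fragment = url.hash.startsWith('#') ? url.hash.slice(1) : url.hash;
  const overrides = [];
  for (const pair of fragment.split('&')) {
    if (!pair) continue;
    const eq = pair.indexOf('=');
    const rawKey = eq === -1 ? pair : pair.slice(0, eq);
    const rawVal = eq === -1 ? '' : pair.slice(eq + 1);
    let key, value;
    try {
      // Decode so percent-encoded spellings of the key or value are not missed.
      key = decodeURIComponent(rawKey);
      value = decodeURIComponent(rawVal);
    } catch {
      key = rawKey; value = rawVal; // malformed percent-encoding: keep raw text
    }
    overrides.push({ key, value });
  }
  return overrides;
}

// Report the overrides, whether the prejoin screen is switched off,
// and a copy of the link with the fragment removed.
function inspectMeetingLink(link) {
  const overrides = parseOverrides(link).filter(o => o.key.startsWith('config.'));
  const disablesPrejoin = overrides.some(
    o => RISKY_KEYS.has(o.key) && o.value.trim().toLowerCase() === 'false');
  const clean = new URL(link);
  clean.hash = ''; // dropping the fragment leaves the meeting to use the server's defaults
  return { overrides, disablesPrejoin, sanitized: clean.toString() };
}

// Constructed sample input: the URL quoted in the text above.
const sample = 'https://meet.jit.si/MiniGinger#config.prejoinConfig.enabled=false';
console.log(inspectMeetingLink(sample));
```
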