Exploit Report

Computer Security And Bug Information

CVE-2023-2848

CVECVE-2023-2848
CVE Title
Published Date2023-09-14T12:15Z
Modified Date2023-09-20T15:08Z
CWE TypeCWE-346
CVSS 3.xCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
DescriptionMovim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of a missing header validation.
References
By clicking these links you will leave this website. We do not endorse and will not be held accountable for any activity on external sites.
Reference URLhttps://github.com/movim/movim/commit/49e2012aecdf918bb1d16f278fa9ff42fad29a9d
Reference DescriptionMISC https://github.com/movim/movim/commit/49e2012aecdf918bb1d16f278fa9ff42fad29a9d
Reference URLhttps://mov.im/node/pubsub.movim.eu/Movim/a2d05925-0427-4f3f-b777-d20571ddddff
Reference DescriptionMISC https://mov.im/node/pubsub.movim.eu/Movim/a2d05925-0427-4f3f-b777-d20571ddddff
Reference URLhttps://github.com/movim/movim/commit/96372082acd3e5d778a2522a60a1805bf2af31f6
Reference DescriptionMISC https://github.com/movim/movim/commit/96372082acd3e5d778a2522a60a1805bf2af31f6
TagsPatch
Sources NIST MITRE

This site's data is aggregated programmatically and provided "as is" without any representations or warranties, express or implied. Exploit.report is not affiliated with the The MITRE Corporation, U.S. Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), or US government in any way. CVE and the CVE logo are registered trademarks of The MITRE Corporation

© 2022 Exploit.Report | Data | Contact | Privacy Policy | Articles