NodeBB is affected by a Cross-Site WebSocket Hijacking vulnerability due to missing validation of the request origin. Exploitation of this vulnerability allows certain user information to be extracted by attacker.
History

Tue, 15 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: snyk

Published: 2023-07-25T11:13:18.100Z

Updated: 2024-10-15T19:05:55.858Z

Reserved: 2023-05-23T11:27:01.949Z

Link: CVE-2023-2850

cve-icon Vulnrichment

Updated: 2024-08-02T06:33:05.820Z

cve-icon NVD

Status : Modified

Published: 2023-07-25T12:15:10.837

Modified: 2024-11-21T07:59:25.033

Link: CVE-2023-2850

cve-icon Redhat

No data.