RSS   Vulnerabilities for 'Chat room'   RSS

2015-12-17
 
CVE-2015-8601

 

 
The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when setting up a websocket for chat messages, which allows remote attackers to bypass intended access restrictions and read messages from arbitrary Chat Rooms via unspecified vectors.

 


Copyright 2024, cxsecurity.com

 

Back to Top