RSS   Vulnerabilities for 'Premid'   RSS

2022-02-20
 
CVE-2021-46701

CWE-862
 

 
PreMiD 2.2.0 allows unintended access via the websocket transport. An attacker can receive events from a socket and emit events to a socket, potentially interfering with a victim's "now playing" status on Discord.

 
2020-08-29
 
CVE-2020-24928

CWE-200
 

 
managers/socketManager.ts in PreMiD through 2.1.3 has a locally hosted socketio web server (port 3020) open to all origins, which allows attackers to obtain sensitive Discord user information.

 


Copyright 2024, cxsecurity.com

 

Back to Top