NodeBB is affected by a Cross-Site WebSocket Hijacking vulnerability due to missing validation of the request origin. Exploitation of this vulnerability allows certain user information to be extracted by attacker.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2023-07-25T11:13:18.100Z
Updated: 2024-08-02T06:33:05.820Z
Reserved: 2023-05-23T11:27:01.949Z
Link: CVE-2023-2850
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-25T12:15:10.837
Modified: 2023-08-07T16:58:57.517
Link: CVE-2023-2850
Redhat
No data.