CVE-2023-2850

Published July 25th, 2023

View on NVD ↗

CVSS v3

4.7

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

NodeBB is affected by a Cross-Site WebSocket Hijacking vulnerability due to missing validation of the request origin. Exploitation of this vulnerability allows certain user information to be extracted by attacker.

NodeBB/NodeBB

Node.js based forum software built for the modern web

GitHub

15.1K