Skip to main content

Chat Room

1 CVEs product

Monthly

CVE-2015-8601 MEDIUM PATCH This Month

The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when setting up a websocket for chat messages, which allows remote attackers to bypass intended access. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Chat Room
NVD
CVSS 2.0
5.0
EPSS
0.1%
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when setting up a websocket for chat messages, which allows remote attackers to bypass intended access. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Chat Room
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy