exploitDog

GHSA-r7g3-92qf-5xmx

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

TelescopeJS before 0.15 leaks user bcrypt password hashes in websocket messages, which might allow remote attackers to obtain password hashes via a cross-site scripting attack.

TelescopeJS before 0.15 leaks user bcrypt password hashes in websocket messages, which might allow remote attackers to obtain password hashes via a cross-site scripting attack.

Ссылки

EPSS

Процентиль: 82%

0.0176

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2015-3454

CVSS3: 7.5

nvd

больше 8 лет назад

TelescopeJS before 0.15 leaks user bcrypt password hashes in websocket messages, which might allow remote attackers to obtain password hashes via a cross-site scripting attack.

EPSS

Процентиль: 82%

0.0176

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200