exploitDog

CVE-2025-61987

Опубликовано: 12 дек. 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. do not validate origins in WebSockets. If a user accesses a crafted page, Chat information sent to the user may be exposed.

Ссылки

EPSS

Процентиль: 5%

0.00021

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-1385

Связанные уязвимости

GHSA-r3gq-2jpg-6v2w

CVSS3: 5.3

github

около 2 месяцев назад

GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. do not validate origins in WebSockets. If a user accesses a crafted page, Chat information sent to the user may be exposed.

EPSS

Процентиль: 5%

0.00021

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-1385