VYPR
High severity7.5NVD Advisory· Published Sep 6, 2017· Updated Jun 17, 2026

CVE-2015-3454

CVE-2015-3454

Description

TelescopeJS before 0.15 leaks user bcrypt password hashes in websocket messages, which might allow remote attackers to obtain password hashes via a cross-site scripting attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Vulcanjs/Vulcan2 versions
    cpe:2.3:a:vulcanjs:vulcan:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:vulcanjs:vulcan:*:*:*:*:*:*:*:*range: <=0.14.3
    • (no CPE)
  • Range: <0.15

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.