VYPR
High severityNVD Advisory· Published Jul 15, 2019· Updated Aug 4, 2024

CVE-2019-13611

CVE-2019-13611

Description

An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
python-engineioPyPI
< 3.9.03.9.0

Affected products

266

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.