VYPR
Moderate severityNVD Advisory· Published Jul 25, 2023· Updated Oct 15, 2024

CVE-2023-2850

CVE-2023-2850

Description

NodeBB is affected by a Cross-Site WebSocket Hijacking vulnerability due to missing validation of the request origin. Exploitation of this vulnerability allows certain user information to be extracted by attacker.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
nodebbnpm
>= 3.0.0, < 3.1.33.1.3
nodebbnpm
< 2.8.132.8.13

Affected products

2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.