Miroslavpejic85
Products
2- 4 CVEs
- 0 CVEs
Recent CVEs
4| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-44730 | Cri | 0.59 | 9.1 | 0.00 | Oct 11, 2024 | Incorrect access control in the function handleDataChannelChat(dataMessage) of Mirotalk before commit c21d58 allows attackers to forge chat messages using an arbitrary sender name. | |
| CVE-2024-44734 | Hig | 0.49 | 7.5 | 0.00 | Oct 11, 2024 | Incorrect access control in Mirotalk before commit 9de226 allows attackers to arbitrarily change usernames via sending a crafted roomAction request to the server. | |
| CVE-2024-44729 | Hig | 0.49 | 7.5 | 0.00 | Oct 11, 2024 | Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226 allows unauthenticated attackers without presenter privileges to arbitrarily eject users from a meeting. | |
| CVE-2024-44731 | Med | 0.31 | 4.7 | 0.01 | Oct 11, 2024 | Mirotalk before commit 9de226 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary code via sending crafted payloads in messages to other users over RTC connections. |
- risk 0.59cvss 9.1epss 0.00
Incorrect access control in the function handleDataChannelChat(dataMessage) of Mirotalk before commit c21d58 allows attackers to forge chat messages using an arbitrary sender name.
- risk 0.49cvss 7.5epss 0.00
Incorrect access control in Mirotalk before commit 9de226 allows attackers to arbitrarily change usernames via sending a crafted roomAction request to the server.
- risk 0.49cvss 7.5epss 0.00
Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226 allows unauthenticated attackers without presenter privileges to arbitrarily eject users from a meeting.
- risk 0.31cvss 4.7epss 0.01
Mirotalk before commit 9de226 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary code via sending crafted payloads in messages to other users over RTC connections.