managers/socketManager.ts in PreMiD through 2.1.3 has a locally hosted socketio web server (port 3020) open to all origins, which allows attackers to obtain sensitive Discord user information.
References
Link | Resource |
---|---|
https://github.com/PreMiD/PreMiD/pull/501 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-08-29T19:35:40
Updated: 2020-08-29T19:35:40
Reserved: 2020-08-28T00:00:00
Link: CVE-2020-24928
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-08-29T20:15:16.493
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-24928
JSON object: View
Redhat Information
No data.
CWE