PreMiD 2.2.0 allows unintended access via the websocket transport. An attacker can receive events from a socket and emit events to a socket, potentially interfering with a victim's "now playing" status on Discord.
References
Link | Resource |
---|---|
https://github.com/PreMiD/PreMiD/issues/790 | Exploit Issue Tracking Patch Third Party Advisory |
https://github.com/PreMiD/PreMiD/pull/791 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-02-20T20:20:27
Updated: 2022-02-20T20:20:27
Reserved: 2022-02-20T00:00:00
Link: CVE-2021-46701
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-02-20T21:15:07.437
Modified: 2022-07-12T17:42:04.277
Link: CVE-2021-46701
JSON object: View
Redhat Information
No data.
CWE