An improper access control vulnerability exists prior to v6 that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room.
References
Link | Resource |
---|---|
https://hackerone.com/reports/1757663 | Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2023-03-10T00:00:00
Updated: 2023-03-10T00:00:00
Reserved: 2023-01-19T00:00:00
Link: CVE-2023-23911
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-03-10T22:15:10.427
Modified: 2023-03-16T17:11:57.350
Link: CVE-2023-23911
JSON object: View
Redhat Information
No data.