CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Chat Room Project: Security Vulnerabilities

CVE-2015-8601

The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when setting up a websocket for chat messages, which allows remote attackers to bypass intended access restrictions and read messages from arbitrary Chat Rooms via unspecified vectors.

CVSS Score

5.0

EPSS Score

0.001

Published

2015-12-17

Page 1

Vulnerabilities

Vulnerable Software

Chat Room Project: Security Vulnerabilities

Products

Pricing

Contact Us