CVE-2023-2848

Severity: high (8)

First published: Thu Sep 14 2023

Last modified: Wed Sep 20 2023

CWE: 346, 1385

Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of missing header validation.

Affected software (any of):

  • Movim Movim <0.22

FAQ

  • What is the vulnerability ID for this security issue?

    The vulnerability ID for this security issue is CVE-2023-2848.

  • What is the severity level of CVE-2023-2848?

    CVE-2023-2848 has a severity level of high.

  • What is the affected software version of CVE-2023-2848?

    Movim prior to version 0.22 is affected by CVE-2023-2848.

  • What is the impact of CVE-2023-2848?

    CVE-2023-2848 allows for Cross-Site WebSocket Hijacking, potentially leading to unauthorized access and data exposure.

  • How can I mitigate CVE-2023-2848 in Movim?

    To mitigate the vulnerability, update Movim to version 0.22 or later; versions prior to 0.22 are affected.
