What is the vulnerability ID for this security issue?

The vulnerability ID for this security issue is CVE-2023-2848.

What is the severity level of CVE-2023-2848?

CVE-2023-2848 has a severity level of high.

Movim prior to version 0.22 is affected by CVE-2023-2848.

CVE-2023-2848 allows for Cross-Site WebSocket Hijacking, potentially leading to unauthorized access and data exposure.

To mitigate the vulnerability in Movim version 0.22, update to a version that includes the fixes mentioned in the references provided.

vuln-group

Severity: high (8)

First published: Thu Sep 14 2023

Last modified: Wed Sep 20 2023

CWE: 346 1385

Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of a missing header validation.

What is the vulnerability ID for this security issue?
The vulnerability ID for this security issue is CVE-2023-2848.
What is the severity level of CVE-2023-2848?
CVE-2023-2848 has a severity level of high.
What is the affected software version of CVE-2023-2848?
Movim prior to version 0.22 is affected by CVE-2023-2848.
What is the impact of CVE-2023-2848?
CVE-2023-2848 allows for Cross-Site WebSocket Hijacking, potentially leading to unauthorized access and data exposure.
How can I mitigate the vulnerability in Movim version 0.22?
To mitigate the vulnerability in Movim version 0.22, update to a version that includes the fixes mentioned in the references provided.