Vulnerabilities > Chat Room Project

DATE CVE VULNERABILITY TITLE RISK
2015-12-17 CVE-2015-8601 Information Exposure vulnerability in Chat Room Project Chat Room 7.X2.0/7.X2.1
The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when setting up a websocket for chat messages, which allows remote attackers to bypass intended access restrictions and read messages from arbitrary Chat Rooms via unspecified vectors.
network
low complexity
chat-room-project CWE-200
5.0