Vulnerabilities > Movim

DATE CVE VULNERABILITY TITLE RISK
2023-09-14 CVE-2023-2848 Origin Validation Error vulnerability in Movim
Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability.
network
low complexity
movim CWE-346
8.8
2017-02-09 CVE-2017-5605 Origin Validation Error vulnerability in Movim
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
movim CWE-346
5.9