CVE-2020-36625
destiny.gg chat main.go websocket.Upgrader cross-site request forgery
CVSS Score
4.3
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability was found in destiny.gg chat. It has been rated as problematic. This issue affects the function websocket.Upgrader of the file main.go. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is bebd256fc3063111fb4503ca25e005ebf6e73780. It is recommended to apply a patch to fix this issue. The identifier VDB-216521 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
| CWE | CWE-863 |
| Vendor | destiny.gg |
| Product | chat |
| Published | Dec 22, 2022 |
| Last Updated | Aug 4, 2024 |
Stay Ahead of the Next One
Get instant alerts for destiny.gg chat
Be the first to know when new medium vulnerabilities affecting destiny.gg chat are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None
Affected Versions
destiny.gg / chat
n/a