Devspace · Devspace · CVE-2020-15391
**Name of the Vulnerable Software and Affected Versions**
DevSpace version 4.13.0
**Description**
The issue in DevSpace allows websites to execute actions on pods on behalf of a victim due to a lack of authentication for the WebSocket protocol, leading to remote code execution.
**Recommendations**
For DevSpace version 4.13.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.