PT-2022-26036 · Relatedcode · Relatedcode'S Messenger

Carlos Bello

Published

2022-10-19

Updated

2022-10-20

CVE-2022-41707

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Relatedcode's Messenger version 7bcd20b

Description The issue allows an authenticated external attacker to access sensitive data of any user of the application. This is possible because the application exposes user data to the public.

Recommendations For version 7bcd20b, consider restricting access to sensitive user data until a fix is available. As a temporary workaround, review and modify the application's configuration to limit exposure of user data to the public.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2022-41707

Affected Products

Relatedcode'S Messenger

PT-2022-26036 · Relatedcode · Relatedcode'S Messenger

CVE-2022-41707

Weakness Enumeration

Related Identifiers

Affected Products

References · 3