GO-2021-0321
Discription
An attacker capable of spoofing DNS TXT records can redirect a
WebSocket connection request to a server under their control without
causing TLS certificate verification to fail. This occurs because
the wrong host name is selected during this verification.Read More
References
Back to Main