nodebb is vulnerable to Websocket Session Hijacking. The vulnerability exists due to missing csrf token in the request which allows an attacker to gain access to private information via cross-origin websocket session hijackingRead More