Websocket Session Hijacking

nodebb is vulnerable to Websocket Session Hijacking. The vulnerability exists due to missing csrf token in the request which allows an attacker to gain access to private information via cross-origin websocket session hijackingRead More