Cross-Site WebSocket Hijacking (CSWSH)

github.com/komari-monitor/komari is vulnerable to Cross-Site WebSocket Hijacking (CSWSH). The vulnerability is due to disabled origin checking in the WebSocket upgrader, which allows an attacker to send malicious requests using a victim’s browser cookies and achieve remote code…Read More