CVE-2015-3454

2017-09-06T21:29:00
ID CVE-2015-3454
Type cve
Reporter cve@mitre.org
Modified 2017-09-07T18:11:00

Description

TelescopeJS before 0.15 leaks user bcrypt password hashes in websocket messages, which might allow remote attackers to obtain password hashes via a cross-site scripting attack.