managers/socketManager.ts in PreMiD through 2.1.3 has a locally hosted socketio web server (port 3020) open to all origins, which allows attackers to obtain sensitive Discord user information.
CPE | Name | Operator | Version |
---|---|---|---|
premid | eq | 2.0 | |
premid | eq | 2.0.1.4 | |
premid | eq | 1.3.1.8 | |
premid | eq | 2.0-beta3-RC | |
premid | eq | 1.3.2.4 | |
premid | eq | 0.2 | |
premid | eq | app-v2.1.1 | |
premid | eq | app-v2.1.3 | |
premid | eq | app-v2.0.7 | |
premid | eq | 1.2.0.1 |