Cross-Site WebSocket Hijacking (CSWSH)

github.com/komari-monitor/komari, is vulnerable to Cross-Site WebSocket Hijacking CSWSH. The vulnerability is due to disabled origin checking, which allows an attacker to hijack authenticated user WebSocket connections...

PT-2025-33680 · Komari · Komari

Name of the Vulnerable Software and Affected Versions: Komari versions prior to 1.0.4-fix1 Description: Komari is a server monitoring tool. A Cross-Site WebSocket Hijacking CSWSH issue exists in the WebSocket upgrader due to disabled origin checking, potentially allowing remote code execution...