CVE-2015-3454
TelescopeJS prior to version 0.15 leaks user bcrypt password hashes in websocket messages, which an attacker could obtain through a cross-site scripting attack. This is documented in CVE-2015-3454 (NVD). The available sources corroborate that the vulnerability involves leaking password hash data ...