3 matches found
CVE-2016-10532
console-io is a module that allows users to implement a web console in their application. A malicious user could bypass the authentication and execute any command that the user who is running the console-io application 2.2.13 and earlier is able to run. This means that if console-io was running...
CVE-2016-10532
console-io is a module that allows users to implement a web console in their application. A malicious user could bypass the authentication and execute any command that the user who is running the console-io application 2.2.13 and earlier is able to run. This means that if console-io was running...
CVE-2016-10532
The CVE-2016-10532 issue concerns the console-io module, specifically versions 2.2.13 and earlier, where socket.io is not configured to require authentication. This allows an attacker to connect via WebSocket, bypass authentication, and execute commands with the same privileges as the console-io ...