4 matches found
GO-2026-4661 Linkdave Missing Authentication on REST and WebSocket endpoints in github.com/shi-gg/linkdave
Linkdave Missing Authentication on REST and WebSocket endpoints in github.com/shi-gg/linkdave...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the REST and WebSocket endpoints due to lack of authentication enforcement. An attacker can gain unauthorized access and interact with sensitive server functionality by sending requests...
GHSA-XV8G-FJ9H-6GMV Linkdave Missing Authentication on REST and WebSocket endpoints
The linkdave server does not enforce authentication on its REST and WebSocket routes in versions prior to 0.1.5. Impact An attacker with network access to the server port can: - Connect to the WebSocket endpoint /ws and receive a valid sessionid in the OpReady response. - Use that session to invo...
Linkdave Missing Authentication on REST and WebSocket endpoints
The linkdave server does not enforce authentication on its REST and WebSocket routes in versions prior to 0.1.5. Impact An attacker with network access to the server port can: - Connect to the WebSocket endpoint /ws and receive a valid sessionid in the OpReady response. - Use that session to invo...