3 matches found
CVE-2025-55300
CVE-2025-55300 affects the GitHub project github.com/komari-monitor/komari (Komari) and is caused by the WebSocket upgrader disabling origin checking, which enables Cross-Site WebSocket Hijacking (CSWSH) against authenticated users. An attacker can craft requests to the terminal WebSocket endpoin...
GHSA-Q355-H244-969H Komari vulnerable to Cross-site WebSocket Hijacking
Summary WebSocket upgrader has disabled origin checking, enabling Cross-Site WebSocket Hijacking CSWSH attacks against authenticated users Details https://github.com/komari-monitor/komari/blob/bd5a6934e1b79a12cf1e6a9bba5372d0e04f3abc/api/terminal.goL33-L35 Any third party website can send request...
Komari vulnerable to Cross-site WebSocket Hijacking
Summary WebSocket upgrader has disabled origin checking, enabling Cross-Site WebSocket Hijacking CSWSH attacks against authenticated users Details https://github.com/komari-monitor/komari/blob/bd5a6934e1b79a12cf1e6a9bba5372d0e04f3abc/api/terminal.goL33-L35 Any third party website can send request...