3 matches found
Origin Validation Error
Overview Affected versions of this package are vulnerable to Origin Validation Error through the lack CORS checks Host and Origin header validation on incoming HTTP connections. An attacker can gain unauthorized access to local or private-network servers by tricking a victim into visiting a...
GHSA-J3JP-GVR5-7HWQ python-engineio vulnerable to Cross-Site Request Forgery (CSRF)
WebSocket cross-origin vulnerability Impact This is a Cross-Site Request Forgery CSRF vulnerability. It affects Socket.IO and Engine.IO web servers that authenticate clients using cookies. Patches python-engineio version 3.9.0 patches this vulnerability by adding server-side Origin header checks...
python-engineio vulnerable to Cross-Site Request Forgery (CSRF)
WebSocket cross-origin vulnerability Impact This is a Cross-Site Request Forgery CSRF vulnerability. It affects Socket.IO and Engine.IO web servers that authenticate clients using cookies. Patches python-engineio version 3.9.0 patches this vulnerability by adding server-side Origin header checks...