Information Disclosure

sysend is vulnerable to information disclosure. Remote unauthenticated attackers are able to intercept user communications when the cross-origin communication is used in the same browser, resulting in disclosure of sensitive information...

CVE-2022-24762

sysend.js is a library that allows a user to send messages between pages that are open in the same browser. Users that use cross-origin communication may have their communications intercepted. Impact is limited by the communication occurring in the same browser. This issue has been patched in...

GHSA-4VVG-X86P-MVQC Leaking of user information on Cross-Domain communication in sysend

Impact Users that use Cross-Origin communication and send sensitive information make it possible for this data to be intercepted. This is not a big impact because it happens only on the same browser. Patches It has been patched in version 1.10.0 Workarounds The only workaround is to not send...

Leaking of user information on Cross-Domain communication in sysend

Impact Users that use Cross-Origin communication and send sensitive information make it possible for this data to be intercepted. This is not a big impact because it happens only on the same browser. Patches It has been patched in version 1.10.0 Workarounds The only workaround is to not send...