2 matches found
Server side request forgery (ssrf)
DISPUTED The "secret chat" feature in Telegram 4.9.1 for Android has a "side channel" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET requests to other URLs on the same web server. This also affects on...
PT-2018-15375 · Telegram · Telegram
Name of the Vulnerable Software and Affected Versions: Telegram version 4.9.1 Telegram Web-version 0.7.0 Description: The issue concerns a side channel in the "secret chat" feature where Telegram servers send GET requests for URLs typed while composing a chat message, before the message is sent...