vert.x-stomp 授权问题漏洞

vert.x-stomp is a STOMP client/server implementation of the Eclipse Vert.x open source. An authorization issue vulnerability exists in vert.x-stomp versions prior to 3.1.0 to 3.9.16 and 4.0.0 to 4.4.2, which stems from a client being able to subscribe to a destination or publish a message without...

PT-2021-23137 · Unknown +1 · Freeswitch +1

Name of the Vulnerable Software and Affected Versions: FreeSWITCH versions prior to v1.10.6 Description: The issue concerns the lack of authentication for SIP requests of the type SUBSCRIBE in FreeSWITCH. This allows attackers to subscribe to user agent event notifications without authentication,...