Mozilla: [Hubs] - Broken access control in placing objects in hubs room

A broken access control vulnerability allowed an attacker to bypass object creation and movement restrictions in Mozilla Hubs. By using specific commands in the chat feature, the attacker could place objects in a room even if the admin user had disabled these actions. The vulnerability did not...