CVE-2015-8601
CVE-2015-8601 affects the Drupal Chat Room module for Drupal 7.x (versions before 7.x-2.2). The vulnerability arises from insufficient permission checks when establishing a websocket for chat messages, enabling remote attackers to bypass access controls and read messages in arbitrary chat rooms v...