CVE-2020-36625
Destiny.gg chat contains a Cross-Site Request Forgery (CSRF) vulnerability affecting the websocket.Upgrader implementation in main.go. The issue enables CSRF due to insufficient validation in the websocket handling path and could be triggered remotely. A patch identified as bebd256fc3063111fb4503...