Java-Websocket is vulnerable to man-in-the-middle attack. The SSL hostname validation is not enabled by default, allowing an attacker to perform a man-in-the-middle attack to intercept and modify network traffic.
CPE | Name | Operator | Version |
---|---|---|---|
java-websocket | le | 1.4.1 |