EPSS
Percentile
19.4%
onionshare_cli is vulnerable to Authentication Bypass. The vulnerability exists in the upload function in receive_mode.py file, allowing authorized users to spoof their leave event and hide the existence.
upload
receive_mode.py
github.com/onionshare/onionshare/commit/0a518808fc139598e2511603d4d1cdc679ab435c
github.com/onionshare/onionshare/pull/1256
github.com/onionshare/onionshare/releases/tag/v2.5
github.com/onionshare/onionshare/security/advisories/GHSA-w9m4-7w72-r766