CVE-2023-2848
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-2848
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-2848.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-2848
- Downstream
- Published
- 2023-09-14T12:15:07Z
- Modified
- 2025-07-02T00:24:00.746184Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of a missing header validation.
- References
Affected packages
Git / github.com/movim/movim
Affected ranges
- Type
- GIT
- Repo
- https://github.com/movim/movim
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
0.*
0.14.1
v0.*
v0.1
v0.10
v0.11
v0.11alpha1
v0.12
v0.12.1
v0.13
v0.14
v0.14.1
v0.14.1rc
v0.14.1rc2
v0.14.1rc3
v0.14.1rc4
v0.14.1rc5
v0.14.2rc4
v0.14.2rc5
v0.14.2rc6
v0.14.2rc7
v0.14alpha2
v0.14alpha5
v0.14alpha6
v0.14beta
v0.14rc
v0.14rc2
v0.15
v0.15rc1
v0.16
v0.16.1
v0.17
v0.17.1
v0.18
v0.18.1rc0
v0.18.1rc1
v0.18.1rc2
v0.18.1rc3
v0.18.1rc4
v0.18.1rc5
v0.18.1rc6
v0.18.1rc7
v0.18.1rc8
v0.18rc1
v0.18rc10
v0.18rc11
v0.18rc12
v0.18rc13
v0.18rc14
v0.18rc2
v0.18rc3
v0.18rc4
v0.18rc5
v0.18rc6
v0.18rc7
v0.18rc8
v0.18rc9
v0.19
v0.19.1rc2
v0.19.1rc3
v0.19.1rc4
v0.19.1rc5
v0.19.1rc6
v0.19.1rc7
v0.19rc1
v0.19rc2
v0.19rc3
v0.2
v0.20
v0.20rc0
v0.20rc1
v0.20rc2
v0.20rc3
v0.20rc4
v0.20rc6
v0.21
v0.21.1
v0.21rc0
v0.21rc1
v0.21rc10
v0.21rc11
v0.21rc2
v0.21rc3
v0.21rc4
v0.21rc5
v0.21rc6
v0.21rc7
v0.21rc8
v0.21rc9
v0.3
v0.4
v0.4.1
v0.5
v0.6
v0.6.1
v0.7
v0.7.1
v0.7.2
v0.8
v0.8.1
v0.9