CVE-2023-2848

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-2848
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-2848.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-2848
Downstream
Published
2023-09-14T12:15:07Z
Modified
2025-07-02T00:24:00.746184Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of a missing header validation.

References

Affected packages

Git / github.com/movim/movim

Affected ranges

Type
GIT
Repo
https://github.com/movim/movim
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

0.*

0.14.1

v0.*

v0.1
v0.10
v0.11
v0.11alpha1
v0.12
v0.12.1
v0.13
v0.14
v0.14.1
v0.14.1rc
v0.14.1rc2
v0.14.1rc3
v0.14.1rc4
v0.14.1rc5
v0.14.2rc4
v0.14.2rc5
v0.14.2rc6
v0.14.2rc7
v0.14alpha2
v0.14alpha5
v0.14alpha6
v0.14beta
v0.14rc
v0.14rc2
v0.15
v0.15rc1
v0.16
v0.16.1
v0.17
v0.17.1
v0.18
v0.18.1rc0
v0.18.1rc1
v0.18.1rc2
v0.18.1rc3
v0.18.1rc4
v0.18.1rc5
v0.18.1rc6
v0.18.1rc7
v0.18.1rc8
v0.18rc1
v0.18rc10
v0.18rc11
v0.18rc12
v0.18rc13
v0.18rc14
v0.18rc2
v0.18rc3
v0.18rc4
v0.18rc5
v0.18rc6
v0.18rc7
v0.18rc8
v0.18rc9
v0.19
v0.19.1rc2
v0.19.1rc3
v0.19.1rc4
v0.19.1rc5
v0.19.1rc6
v0.19.1rc7
v0.19rc1
v0.19rc2
v0.19rc3
v0.2
v0.20
v0.20rc0
v0.20rc1
v0.20rc2
v0.20rc3
v0.20rc4
v0.20rc6
v0.21
v0.21.1
v0.21rc0
v0.21rc1
v0.21rc10
v0.21rc11
v0.21rc2
v0.21rc3
v0.21rc4
v0.21rc5
v0.21rc6
v0.21rc7
v0.21rc8
v0.21rc9
v0.3
v0.4
v0.4.1
v0.5
v0.6
v0.6.1
v0.7
v0.7.1
v0.7.2
v0.8
v0.8.1
v0.9