CVE-2022-41707

Summary

Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access sensitive data of any user of the application. This is possible because the application exposes user data to the public.

Affected Software

VendorProductVersion RangeStatus
n/arelatedcode/Messenger7bcd20baffected

Weaknesses

  • Improper authorization control for web services

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References