CVE-2022-41708

Summary

Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access existing chats in the workspaces of any user of the application. This is possible because the application does not validate permissions correctly.

Affected Software

VendorProductVersion RangeStatus
n/arelatedcode/Messenger7bcd20baffected

Weaknesses

  • Improper authorization control for web services

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References