Security Advisory

CVE-2023-30591

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-29 05:06:43

Last updated 2024-09-23 17:39:24

Assigner STAR_Labs

State PUBLISHED

Description

Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking `eventName.startsWith()` or `eventName.toString()`, while processing Socket.IO messages via crafted Socket.IO messages containing array or object type for the event name respectively.

← Browse all CVEs View on cve.org ↗