Security Advisory

CVE-2024-45607

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-09-12 19:58:13

Last updated 2024-09-12 20:04:46

Assigner GitHub_M

State PUBLISHED

Description

whatsapp-api-js is a TypeScript server agnostic Whatsapps Official API framework. Its possible to check the payload validation using the WhatsAppAPI.verifyRequestSignature and expect false when the signature is valid. Incorrect Access Control, anyone using the post or verifyRequestSignature methods to handle messages is impacted. This vulnerability is fixed in 4.0.3.

← Browse all CVEs View on cve.org ↗