Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCryptocat Project Cryptocat
APPCryptocat Project< 2.0.22
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
Related vulnerabilities
CVE-2013-4108CRITICAL9.8ten sam produkt
Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vect...
CVE-2013-2260CRITICAL9.8ten sam produkt
Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness
CVE-2013-4102CRITICAL9.1ten sam produkt
Cryptocat before 2.0.22 strophe.js Math.random() Random Number Generator Weakness
CVE-2013-4103CRITICAL9.8ten sam produkt
Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input
CVE-2013-2262HIGH7.5ten sam produkt
Cryptocat strophe.js before 2.0.22 has information disclosure