Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
lukehutch Gribbit HttpRequestHandler.java messageReceived missing origin validation in websockets
Vulnerability Description
A vulnerability was found in lukehutch Gribbit. It has been classified as problematic. Affected is the function messageReceived of the file src/gribbit/request/HttpRequestHandler.java. The manipulation leads to missing origin validation in websockets. The name of the patch is 620418df247aebda3dd4be1dda10fe229ea505dd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217716.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
CWE-1385
Vulnerability Title
The Gribbit Web Framework 访问控制错误漏洞
Vulnerability Description
The Gribbit Web Framework是Luke Hutchison个人开发者的一种新的超安全、超简单、超快速的框架。用于使用 Java 和其他 JVM 语言构建复杂的 Web 应用程序。 The Gribbit Web Framework 存在安全漏洞,该漏洞源于文件 src/gribbit/request/HttpRequestHandler.java 的函数 messageReceived,操作导致 websockets 中缺少原始验证。
CVSS Information
N/A
Vulnerability Type
N/A