Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Converse.js and Inverse.js through 3.3 allow remote attackers to obtain sensitive information because it is too difficult to determine whether safe publication of private data was configured or even intended. For example, users might have an expectation that chatroom bookmarks are private, but the various interacting software components do not necessarily make that happen.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Converse.js和Inverse.js 信息泄露漏洞
Vulnerability Description
Converse.js是一款开源的、使用JavaScript编写的运行于浏览器中的XMPP聊天客户端。Inverse.js是它的全屏版本。 Converse.js和Inverse.js 3.3及之前版本中存在信息泄露漏洞,该漏洞源于程序无法确定隐私数据的安全发布是被设定的或者是有意的。远程攻击者可利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A