Impact
An attacker can view any room's settings even though they are not authorized to do so. Only the room owner and administrator should be able to view a room's settings
Patches
Patched on Greenlight 2.12.6 and higher.
Workarounds
No workaround.
References
Patched here: #3508
For more information
If you have any questions or comments about this advisory:
Credits
We thank https://huntr.dev/users/hoangnguyen9891020/ who examined the Greelight code base and responsibly disclosed this vulnerability.
Impact
An attacker can view any room's settings even though they are not authorized to do so. Only the room owner and administrator should be able to view a room's settings
Patches
Patched on Greenlight 2.12.6 and higher.
Workarounds
No workaround.
References
Patched here: #3508
For more information
If you have any questions or comments about this advisory:
Credits
We thank https://huntr.dev/users/hoangnguyen9891020/ who examined the Greelight code base and responsibly disclosed this vulnerability.