An information disclosure vulnerability in OnionShare 2.3 prior to 2.4 allows remote unauthenticated malicious users to retrieve the full list of participants of a non-public OnionShare node via the --chat feature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
onionshare onionshare |