A security issue was found in bittorrent-dht before 5.1.3 that allows someone to send a specific series of messages to a listening peer and get it to reveal internal memory.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-201,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| webtorrent | bittorrent-dht | * |
WebTorrent before 0.107.6 allows XSS in the HTTP server via a title or file name.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| webtorrent | webtorrent | * |