CVE-2024-37405 Information

Description

Livechat messages can be leaked by combining two NoSQL injections affecting livechat:loginByToken (pre-authentication) and livechat:loadHistory.

Reference

https://hackerone.com/reports/2580062