Cross-Site WebSocket Hijacking (CSWH)

Title	Vulnerabilities	Programs	Authors
CSWSH Meets LLM Chatbots	LLM Chatbot Websockets Cross-Site WebSocket Hijacking (CSWH)	Undisclosed	Sachin Sharma
MeshCentral Cross-Site Websocket Hijacking Vulnerability (CVE-2024-26135)	Cross-Site WebSocket Hijacking (CSWH)	MeshCentral	Adam Crosser
Excessive Expansion: Uncovering Critical Security Vulnerabilities in Jenkins (CVE-2024-23897 & CVE-2024-23898)	Cross-Site WebSocket Hijacking (CSWH) Data Leak Arbitrary File Read Security Code Review	Jenkins	Yaniv Nizry (@YNizry)
Rendezvous with a Chatbot: Chaining Contextual Risk Vulnerabilities	Chatbot Websockets Cross-Site WebSocket Hijacking (CSWH) Captcha Bypass	Undisclosed	Abeer Banerjee (@Bugasur)
Gitpod remote code execution 0-day vulnerability via WebSockets	RCE Cross-Site WebSocket Hijacking (CSWH) Samesite Cookie Bypass Account Takeover	Gitpod	Elliot Ward
[socket.io] Cross-Site Websockets Hijacking	Cross-Site WebSocket Hijacking (CSWH)	Node.js Third-Party Modules	Sh1yo (@Sh1yo_)
Peeping through a Web-Socket	Cross-Site WebSocket Hijacking (CSWH)	Undisclosed	Aditya Verma (@0cirius0)
‘Websocket Hijacking’ to steal Session_ID of victim users	Cross-Site WebSocket Hijacking (CSWH)	Undisclosed	Sunil Yedla (@Sunilyedla2)
Multiple Vulnerabilities In cPanel/WHM	XXE Stored XSS Privilege Escalation CSRF Cross-Site WebSocket Hijacking (CSWH)	CPanel	Adrian Tiron (@Adrian__t)
Cross-Site Websocket Hijacking bug in Facebook that leads to account takeover	Cross-Site WebSocket Hijacking (CSWH) Account Takeover	Meta / Facebook	Youssef Sammouda (@Samm0uda)
Account Takeover Using Cross-Site WebSocket Hijacking (CSWH)	Cross-Site WebSocket Hijacking (CSWH) Account Takeover	Undisclosed	Sharan Panegav (@PanegavSharan)

Page 1 of 1