Conversejs Converse.js — known CVE vulnerabilities
Every CVE whose affected-product data names Conversejs Converse.js, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2017-5858 — CVSS 5.9 (medium): An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user…
CVE-2018-6591 — CVSS 5.3 (medium): Converse.js and Inverse.js through 3.3 allow remote attackers to obtain sensitive information because it is too difficult to determine…