While working on AChat project, I discovered a cache deception vulnerability in the better-call npm package (this dependency used by AChat). The issue stems from insufficient path sanitization, which allows attackers to craft deceptive requests that can bypass CDN rules and expose sensitive user data.
CVE Link
CVE Report
While working on AChat project, I discovered a cache deception vulnerability in the better-call npm package (this dependency used by AChat). The issue stems from insufficient path sanitization, which allows attackers to craft deceptive requests that can bypass CDN rules and expose sensitive user data.
CVE Link
CVE Report