EPSS
Percentile
53.1%
Converse.js is vulnerable to information leakage. Access models are not taken into account when storing bookmarks on the server. This means that bookmarks uploaded into Personal Eventing Protocol (PEP) are accessible by all contacts.
github.com/jcbrand/converse.js/commit/ba09996998df38a5eb76903457fbb1077caabe25
gultsch.de/converse_bookmarks.html