## https://sploitus.com/exploit?id=F2F4F45B-FCB1-5171-A3D5-CFCA72B915E3
# CVE-2022-39841 Medusa's leaky WebSocket
For more information please read the [blog post](https://sec.stealthcopter.com/cve-2022-39841/)
## Summary
A critical vulnerability in Medusa allows for information leakage, including plaintext credentials, by attaching to an unauthenticated WebSocket and waiting for a user to make a configuration change.