CVE-2022-21691: 
Python vulnerability analysis and mitigation

OnionShare, an open source tool for securely sharing files and hosting websites using the Tor network, was found to contain a vulnerability (CVE-2022-21691) related to chat participant authentication. The vulnerability was discovered during a penetration test conducted by Radically Open Security between September 26, 2021, and October 8, 2021, funded by the Open Technology Fund's Red Team lab. The issue affects versions 2.3 and above, with a patch released in version 2.5 (GitHub Advisory).

The vulnerability is classified as an Improper Access Control issue (CWE-306). The flaw allows chat participants to spoof their channel leave message by modifying the client-side JavaScript code. By removing the joined emit from the connect event handler, a modified client can remain undetected in the userlist without an active session. The attacker can then emit a disconnect event while maintaining access to the chat (GitHub Advisory). The vulnerability has a CVSS v3.1 Base Score of 4.3 (MEDIUM) with a vector string of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N (NVD).

An adversary with access to the chat environment can spoof their leave event while maintaining persistent access to the chat. This allows them to monitor all sent messages and potentially write in the chat while other participants believe they have left the conversation, compromising the privacy and security of chat communications (GitHub Advisory).

The vulnerability has been patched in OnionShare version 2.5, which implements proper session handling. Users are advised to upgrade to this version or later to address the security issue (GitHub Release).