
Cloud Vulnerability DB
A community-led vulnerabilities database
OnionShare, an open-source tool for secure and anonymous file sharing using the Tor network, was found to contain an improper access control vulnerability (CVE-2022-21695) discovered during a penetration test conducted by Radically Open Security between September 26, 2021, and October 8, 2021. The vulnerability affects versions 2.3 and above, with a patch released in version 2.5 (GitHub Advisory).
The vulnerability allows authenticated users (or unauthenticated users in public mode) to send messages in chat rooms without being visible in the list of chat participants. This occurs when a user opens a chat room without emitting the join message, so the user never appears in the session.users list. The issue can be exploited using either a modified frontend client or manual requests through tools like Burp or curl (GitHub Advisory).
An adversary with access to the chat environment can send messages to the chat without being visible in the list of chat participants. This vulnerability could potentially be combined with other issues to impersonate existing users, making it difficult for others to distinguish between original and fake messages (GitHub Advisory).
The vulnerability was patched in OnionShare version 2.5, released on January 18, 2022. The fix includes several hardening improvements for session and username management in Chat mode to prevent impersonation and other issues. The recommended solution involves allowing chat access only after emission of the join event and implementing proper session handling (GitHub Release, GitHub Advisory).
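The recommended fix, as an added example that is not OnionShare's code: a dependency-free model of a chat room's event handlers in which the same session flow is run with and without the join check. The class, handler and field names are hypothetical, and the sessions and messages are constructed sample data.

```python
# Illustrative model only; names are hypothetical, not OnionShare's own code.

class ChatRoom:
    def __init__(self, require_join):
        self.require_join = require_join
        self.sessions = {}  # sid -> {"name": str, "joined": bool}
        self.users = []     # names shown in the participant list
        self.log = []       # (name, text) messages broadcast to the room

    def on_connect(self, sid, name):
        # Opening the chat page creates a session but does not list the user.
        self.sessions[sid] = {"name": name, "joined": False}

    def on_join(self, sid):
        # Emitting the join event is what adds the user to the visible list.
        session = self.sessions[sid]
        if not session["joined"]:
            session["joined"] = True
            self.users.append(session["name"])

    def on_text(self, sid, text):
        session = self.sessions.get(sid)
        if session is None:
            return False
        # Hardened behaviour: drop messages from sessions that never joined.
        if self.require_join and not session["joined"]:
            return False
        self.log.append((session["name"], text))
        return True

    def unlisted_senders(self):
        # Invariant check: every sender must appear in the participant list.
        return sorted({name for name, _ in self.log if name not in self.users})


def run(require_join):
    room = ChatRoom(require_join)
    room.on_connect("sid-a", "alice")  # constructed sample sessions
    room.on_join("sid-a")
    room.on_connect("sid-b", "ghost")  # connects but never emits join
    room.on_text("sid-a", "hello")
    accepted = room.on_text("sid-b", "hi")
    return accepted, room.users, room.unlisted_senders()


if __name__ == "__main__":
    print("without join check:", run(False))
    print("with join check:   ", run(True))
```

The `unlisted_senders` check doubles as a regression test: any non-empty result means a message reached the room from a session that is not in the participant list.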
Source: This report was generated using AI