← volver
CVE-2020-35717

CVE-2020-35717

EPSS 3.8%
zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because nodeIntegration in webPreferences is true).
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/hmartos/cve-2020-35717https://github.com/zonetti/zonotehttps://medium.com/bugbountywriteup/remote-code-execution-through-cross-site-scripting-in-electron-f3b891ad637https://www.electronjs.org/apps/zonote