CVE-2021-29467
Self-XSS
Wrongthink is an encrypted peer-to-peer chat program. A user could check their fingerprint into the service and enter a script to run arbitrary JavaScript on the site. No workarounds exist, but a patch exists in version 2.4.1.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Productos afectados
birb-digital · wrongthink¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →