← voltar
CVE-2020-35717

CVE-2020-35717

EPSS 3.8%
zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because nodeIntegration in webPreferences is true).
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/hmartos/cve-2020-35717https://github.com/zonetti/zonotehttps://medium.com/bugbountywriteup/remote-code-execution-through-cross-site-scripting-in-electron-f3b891ad637https://www.electronjs.org/apps/zonote