CVE-2021-29467
Self-XSS
Wrongthink is an encrypted peer-to-peer chat program. A user could check their fingerprint into the service and enter a script to run arbitrary JavaScript on the site. No workarounds exist, but a patch exists in version 2.4.1.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Produtos afetados
birb-digital · wrongthinkQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →