Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive...
7.1CVSS
6.5AI Score
0.002EPSS
Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path...
5.3CVSS
5.2AI Score
0.001EPSS
Dino before 2019-09-10 does not properly check the source of a carbons message in...
7.5CVSS
7.3AI Score
0.003EPSS
7.5CVSS
7.3AI Score
0.003EPSS
7.5CVSS
7.3AI Score
0.002EPSS