7 matches found
CVE-2024-23997
Lukas Bach yana =1.0.16 is vulnerable to Cross Site Scripting XSS via src/electron-main.ts...
CVE-2024-23997
Lukas Bach yana =1.0.16 is vulnerable to Cross Site Scripting XSS via src/electron-main.ts...
CVE-2024-23997
Lukas Bach yana =1.0.16 is vulnerable to Cross Site Scripting XSS via src/electron-main.ts...
CVE-2024-23997
Lukas Bach yana =1.0.16 is vulnerable to Cross Site Scripting XSS via src/electron-main.ts...
CVE-2024-23997
Lukas Bach yana =1.0.16 is vulnerable to Cross Site Scripting XSS via src/electron-main.ts...
Yana Security Breach
Yana is a powerful laptop application from the individual developer Lukas Bach. A security vulnerability exists in Yana version 1.0.16 and prior versions, which stems from a cross-site scripting vulnerability in the src/electron-main.ts location...
CVE-2024-23997
CVE-2024-23997 affects Lukas Bach Yana prior to and including version 1.0.16, with a Cross-Site Scripting (XSS) vulnerability via src/electron-main.ts. Public sources note XSS could lead to code execution in the Electron context (e.g., when nodeIntegration is enabled or via injection in HTML). Th...