3 matches found
CVE-2020-15258
In Wire before 3.20.x, shell.openExternal was used without checking the URL. This vulnerability allows an attacker to execute code on the victims machine by sending messages containing links with arbitrary protocols. The victim has to interact with the link and sees the URL that is opened. The...
CVE-2020-15258 Insecure use of shell.openExternal in Wire
In Wire before 3.20.x, shell.openExternal was used without checking the URL. This vulnerability allows an attacker to execute code on the victims machine by sending messages containing links with arbitrary protocols. The victim has to interact with the link and sees the URL that is opened. The...
CVE-2020-15258
CVE-2020-15258 affects Wire prior to 3.20.x, where the app used shell.openExternal without validating the URL. This could let an attacker craft messages with links using arbitrary protocols, potentially enabling code execution on a victim’s machine after user interaction. The root cause is openin...