2 matches found
CVE-2023-2110
Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via "app://local/". This vulnerability can be exploited if a user opens a malicious markdown file in Obsidian, or copies tex...
CVE-2023-2110
CVE-2023-2110 affects Obsidian Desktop prior to 1.2.8 across Windows, Linux and macOS. The issue is improper path handling that allows a crafted webpage to access local files and exfiltrate them to remote servers via app://local/. Exploitation requires user interaction: opening a malicious markdo...