2 matches found
Information disclosure
The TD Bank TD Advanced Dashboard client through 3.0.3 for macOS allows arbitrary code execution because of the lack of electron::fuses::IsRunAsNodeEnabled i.e., ELECTRONRUNASNODE can be used in production. This makes it easier for a compromised process to access banking information...
CVE-2023-50975
TD Bank TD Advanced Dashboard client for macOS (3.0.3 and earlier) is affected by arbitrary code execution due to ELECTRON_RUN_AS_NODE being usable in production, caused by missing electron::fuses::IsRunAsNodeEnabled. This enables a compromised process to access banking information. Connected adv...