9 matches found
CVE-2023-27035
An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page...
CVE-2023-27035
An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page...
CVE-2023-27035
An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page...
Code injection
An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page...
CVE-2023-27035
An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page...
CVE-2023-27035
An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page...
Obsidian 安全漏洞
Obsidian is a knowledge base for native Markdown files from the Obsidian community. A security vulnerability exists in Obsidian Canvas version 1.1.9 that originates from a vulnerability that allows remote attackers to send desktop notifications, record user audio, and other unspecified impacts vi...
PT-2023-20910 · Unknown · Obsidian Canvas
Name of the Vulnerable Software and Affected Versions: Obsidian Canvas version 1.1.9 Description: An issue in Obsidian Canvas allows remote attackers to send desktop notifications, record user audio, and potentially have other unspecified impacts. This can be achieved via an embedded website on t...
CVE-2023-27035
CVE-2023-27035 affects Obsidian Canvas 1.1.9. The issue allows remote attackers to trigger sensitive Web APIs from embedded pages on the canvas, enabling actions such as sending desktop notifications and recording the user’s audio without explicit user permission. The root cause, as described in ...