4 matches found
CVE-2024-42366
VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to result in remote command execution. These vulnerabilities are patched in VRCX 2023.12.24. In additio...
CVE-2024-42366 VR Overlay RCE
VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to result in remote command execution. These vulnerabilities are patched in VRCX 2023.12.24. In additio...
CVE-2024-42366
Summary of CVE-2024-42366 (VR Overlay RCE) VRCX, a VRChat assistant/companion app, contained a vulnerability in versions prior to 2024.03.23 where a CefSharp browser with elevated privileges could be combined with an overlay notification to perform remote command execution (RCE). The issue is doc...
CVE-2024-42366 VR Overlay RCE
VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to result in remote command execution. These vulnerabilities are patched in VRCX 2023.12.24. In additio...