22 matches found
CVE-2025-67230
Improper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows attackers with renderer-context access to invoke external protocol handlers without sufficient validation...
CVE-2025-67229
An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated, on-path attacker to spoof backend responses by exploiting insufficient certificate validation...
CVE-2025-67231
A reflected cross-site scripting XSS vulnerability in ToDesktop Builder v0.33.1 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...
CVE-2025-67230
Improper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows attackers with renderer-context access to invoke external protocol handlers without sufficient validation...
CVE-2025-67229
An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated, on-path attacker to spoof backend responses by exploiting insufficient certificate validation...
CVE-2025-67229
An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated, on-path attacker to spoof backend responses by exploiting insufficient certificate validation...
CVE-2025-67229
An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated, on-path attacker to spoof backend responses by exploiting insufficient certificate validation...
CVE-2025-67229
An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated, on-path attacker to spoof backend responses by exploiting insufficient certificate validation...
CVE-2025-67231
A reflected cross-site scripting XSS vulnerability in ToDesktop Builder v0.33.1 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...
CVE-2025-67230
Improper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows attackers with renderer-context access to invoke external protocol handlers without sufficient validation...
ToDesktop Builder security vulnerabilities
ToDesktop Builder is a desktop application building tool developed by ToDesktop Company in Ireland. Version 0.32.1 of ToDesktop Builder contains a security vulnerability caused by improper certificate verification. This vulnerability could allow attackers to manipulate backend responses...
CVE-2025-67231
A reflected cross-site scripting XSS vulnerability in ToDesktop Builder v0.33.1 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...
PT-2026-4496
Name of the Vulnerable Software and Affected Versions ToDesktop Builder version 0.32.1 Description An improper certificate validation issue exists that could allow an unauthenticated attacker to spoof backend responses. This is possible due to insufficient certificate validation. An on-path...
ToDesktop Builder security vulnerabilities
ToDesktop Builder is a desktop application building tool developed by ToDesktop Company in Ireland. Version 0.33.1 of ToDesktop Builder contains a security vulnerability. This vulnerability stems from reflective cross-site scripting, which could allow attackers to execute arbitrary code in the...
CVE-2025-67230
Improper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows attackers with renderer-context access to invoke external protocol handlers without sufficient validation...
CVE-2025-67231
A reflected cross-site scripting XSS vulnerability in ToDesktop Builder v0.33.1 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...
CVE-2025-67231
CVE-2025-67231 is a confirmed reflected XSS in ToDesktop Builder v0.33.1. The issue allows an attacker to execute arbitrary code in the context of a user’s browser via a crafted payload. Documented by multiple feeds (NVD, Red Hat, CIRCL, attackerkb, CVE lists) consistently describe a reflected XS...
CVE-2025-67229
CVE-2025-67229 affects ToDesktop Builder v0.32.1. The vulnerability is an improper certificate validation that allows an unauthenticated, on-path attacker to spoof backend responses by exploiting insufficient certificate validation. CVSS 3.1 base score 9.8 (CRITICAL) with Network attack vector, n...
CVE-2025-67229
An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated, on-path attacker to spoof backend responses by exploiting insufficient certificate validation...
PT-2026-4497
Name of the Vulnerable Software and Affected Versions ToDesktop Builder version 0.33.0 Description A flaw exists in the Custom URL Scheme handler within ToDesktop Builder. Insufficient validation when invoking external protocol handlers from the renderer context allows attackers with...