GHSA-F9MQ-JPH6-9MHM Arbitrary file read via window-open IPC in Electron
Impact The vulnerability allows arbitrary local file read by defining unsafe window options on a child window opened via window.open. Workarounds Ensure you are calling event.preventDefault on all new-window events where the url or options is not something you expect. Fixed Versions 9.0.0-beta.21...