CVE-2021-28154
Camunda Modeler (aka camunda-modeler) ≤ 4.6.0 is affected by an arbitrary file access flaw in the ipcRenderer interface. A remote attacker can send a crafted IPC message to manipulate readFile and writeFile, potentially exposing partial file contents or allowing unauthorized writes. The issue is ...