EPSS
Percentile
21.4%
onionshare is vulnerable to information disclosure. The vulnerability exists because the path parameter of the requested URL is not sanitized before being passed to the QT frontend which allows an attacker to render HTML4 Subset.
github.com/onionshare/onionshare/releases/tag/v2.5
github.com/onionshare/onionshare/security/advisories/GHSA-ch22-x2v3-v6vq
security-tracker.debian.org/tracker/CVE-2022-21690