We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | BLSOPS |
Reserved | 2023-06-27 |
Published | 2023-07-14 |
Updated | 2024-10-22 |
Improper Input Validation in the hyperlink interpretation in Savoir-faire Linux's Jami (version 20222284) on Windows. This allows an attacker to send a custom HTML anchor tag to pass a string value to the Windows QRC Handler through the Jami messenger.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L |
https://review.jami.net/c/jami-client-qt/+/23569
https://git.jami.net/savoirfairelinux/jami-client-qt/-/wikis/Changelog#nightly-january-10
https://blog.blacklanternsecurity.com/p/Jami-Local-Denial-Of-Service-and-QRC-Handler-Vulnerabilities