We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-50307



Assignerjpcert
Reserved2024-10-22
Published2024-10-28
Updated2024-10-28

Description

Use of potentially dangerous function issue exists in Chatwork Desktop Application (Windows) versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file may be downloaded from an external website and executed. As a result, arbitrary code may be executed on the device that runs Chatwork Desktop Application (Windows).



MEDIUM: 5.5CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

Product status

versions prior to 2.9.2
affected

References

https://jvn.jp/en/jp/JVN78335885/

cve.org CVE-2024-50307

nvd.nist.gov CVE-2024-50307

Download JSON

Share this page
https://cve.threatint.com
Subscribe to our newsletter to learn more about our work.