electron-pdf version 20.0.0 allows an external attacker to remotely obtain
arbitrary local files. This is possible because the application does not
validate the HTML content entered by the user.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Fluid Attacks
Published: 2024-02-20T00:01:50.680Z
Updated: 2024-08-01T18:48:21.883Z
Reserved: 2024-02-19T22:00:56.677Z
Link: CVE-2024-1648
Vulnrichment
Updated: 2024-08-01T18:48:21.883Z
NVD
Status : Awaiting Analysis
Published: 2024-02-20T01:15:07.943
Modified: 2024-11-21T08:51:00.050
Link: CVE-2024-1648
Redhat
No data.