MEDIUM🇬🇧 English

CVE-2019-11928

CVSS 6.1v3.1pub. 2020-09-03upd. 2024-11-21

An input validation issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed cross-site scripting upon clicking on a link from a specially crafted live location message.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Whatsapp Desktop

    APP
    Whatsapp
    < 0.3.4932
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2020-1889CRITICAL10.0ten sam produkt

A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox...

CVE-2019-3568CRITICAL9.8⚠ KEVten sam vendor

A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted ser...

CVE-2022-36934CRITICAL9.8ten sam vendor

An integer overflow in WhatsApp could result in remote code execution in an established video call.

CVE-2021-24043CRITICAL9.1ten sam vendor

A missing bound check in RTCP flag parsing code prior to WhatsApp for Android v2.21.23.2, WhatsApp Business fo...

CVE-2021-24042CRITICAL9.8ten sam vendor

The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23,...