Bruno before 1.29.1 uses Electron shell.openExternal without validation (of http or https) for opening windows within the Markdown docs viewer.
References
Configurations
No configuration.
History
06 Nov 2024, 19:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-601 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
05 Nov 2024, 16:04
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
04 Nov 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-04 21:15
Updated : 2024-11-06 19:35
NVD link : CVE-2024-48463
Mitre link : CVE-2024-48463
CVE.ORG link : CVE-2024-48463
JSON object : View
Products Affected
No product.
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')