CVE-2024-48463

Bruno before 1.29.1 uses Electron shell.openExternal without validation (of http or https) for opening windows within the Markdown docs viewer.
Configurations

No configuration.

History

06 Nov 2024, 19:35

Type Values Removed Values Added
CWE CWE-601
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5

05 Nov 2024, 16:04

Type Values Removed Values Added
Summary
  • (es) Bruno anterior a 1.29.1 usa Electron shell.openExternal sin validaciĆ³n (de http o https) para abrir ventanas dentro del visor de documentos Markdown.

04 Nov 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-04 21:15

Updated : 2024-11-06 19:35


NVD link : CVE-2024-48463

Mitre link : CVE-2024-48463

CVE.ORG link : CVE-2024-48463


JSON object : View

Products Affected

No product.

CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')