CVE-2022-29281

CVE-2022-29281

Notable before 1.9.0-beta.8 doesn’t effectively prevent the opening of executable files when clicking on a link. There is improper validation of the file URI scheme. A hyperlink to an SMB share could lead to execution of an arbitrary program (or theft of NTLM credentials via an SMB relay attack, because the application resolves UNC paths).

Source: CVE-2022-29281

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다