exploitDog

GHSA-w3pm-8qj7-7fq4

Опубликовано: 23 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 7.1

Описание

Improper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows attackers with renderer-context access to invoke external protocol handlers without sufficient validation.

Improper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows attackers with renderer-context access to invoke external protocol handlers without sufficient validation.

Ссылки

EPSS

Процентиль: 1%

0.00011

Низкий

7.1 High

CVSS3

CVE ID

Дефекты

CWE-276

Связанные уязвимости

CVE-2025-67230

CVSS3: 7.1

nvd

15 дней назад

Improper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows attackers with renderer-context access to invoke external protocol handlers without sufficient validation.

EPSS

Процентиль: 1%

0.00011

Низкий

7.1 High

CVSS3

CVE ID

Дефекты

CWE-276