Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because nodeIntegration in webPreferences is true).
- https://medium.com/bugbountywriteup/remote-code-execution-through-cross-site-scripting-in-electron-f3b891ad637
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Redfox-Secuirty/Hacking-Electron-Apps-CVE-2020-35717-
- https://github.com/Redfox-Security/Hacking-Electron-Apps-CVE-2020-35717-
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hmartos/cve-2020-35717
- https://github.com/nomi-sec/PoC-in-GitHub