cve/CVE-2023-27035.md at b8bb3913ae5ed6689c69f4d953bda7435b2f2da7

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 6100550298 Update CVE sources 2024-06-22 09:37

2024-06-22 09:37:59 +00:00

839 B

Raw Blame History

CVE-2023-27035

Description

An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page.

POC

Reference

https://forum.obsidian.md/t/embedded-web-pages-in-obsidian-canvas-can-use-sensitive-web-apis-without-the-users-permission-grant/54509
https://github.com/fivex3/CVE-2023-27035

Github

https://github.com/fivex3/CVE-2023-27035
https://github.com/nomi-sec/PoC-in-GitHub

839 B Raw Blame History

CVE-2023-27035

Description

POC

Reference

Github

839 B

Raw Blame History