cve/CVE-2023-27035.md at dd6a10065df501f0a524d47b55e162f16811ba93

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 6100550298 Update CVE sources 2024-06-22 09:37

2024-06-22 09:37:59 +00:00

839 B

Raw Blame History

CVE-2023-27035

Description

An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page.

POC

Reference

https://forum.obsidian.md/t/embedded-web-pages-in-obsidian-canvas-can-use-sensitive-web-apis-without-the-users-permission-grant/54509
https://github.com/fivex3/CVE-2023-27035

Github

https://github.com/fivex3/CVE-2023-27035
https://github.com/nomi-sec/PoC-in-GitHub

839 B Raw Blame History

CVE-2023-27035

Description

POC

Reference

Github

839 B

Raw Blame History