mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
1.0 KiB
1.0 KiB
CVE-2018-15685
Description
GitHub Electron 1.7.15, 1.8.7, 2.0.7, and 3.0.0-beta.6, in certain scenarios involving IFRAME elements and "nativeWindowOpen: true" or "sandbox: true" options, is affected by a WebPreferences vulnerability that can be leveraged to perform remote code execution.
POC
Reference
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/SexyBeast233/SecBooks
- https://github.com/cranelab/webapp-tech
- https://github.com/doyensec/awesome-electronjs-hacking
- https://github.com/lnick2023/nicenice
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/rahulr311295/Electron_RCE
- https://github.com/xbl3/awesome-cve-poc_qazbnm456