CVE-2019-11928

MEDIUM

6.1

CVSS Severity Score

EPSS Score0.1190%

EPSS Percentile24.78th

PublishedSep 3, 2020

Last ModifiedNov 21, 2024

Vulnerability Description

An input validation issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed cross-site scripting upon clicking on a link from a specially crafted live location message.

Affected Platforms (CPE)

📦

Whatsapp Desktop

< 0.3.4932

References & Advisories

🔗 https://www.whatsapp.com/security/advisories/2020/

Related Vulnerabilities

CVE-2020-188910.0

A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron ...

CVE-2021-240429.8

The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS pr...

CVE-2021-240439.1

A missing bound check in RTCP flag parsing code prior to WhatsApp for Android v2.21.23.2, WhatsApp Business for Android v2.21.23.2...

CVE-2019-184268.2

A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allo...