CVE-2021-28119

Published: 2021-03-09T23:15Z

Last Modified: 2024-11-21T05:59Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Twinkle Tray (aka twinkle-tray) through 1.13.3 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal API. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt