Update node-integration-enabled.yaml
parent
016a85da6e
commit
f4b6664ae3
|
@ -4,7 +4,8 @@ info:
|
|||
name: Electron Applications - Cross-Site Scripting & Remote Code Execution
|
||||
author: me9187
|
||||
severity: critical
|
||||
description: Electron Applications is susceptible to remote code execution by way of cross-site scripting via nodeIntegration by calling require('child_process').exec('COMMAND');.
|
||||
description: |
|
||||
Electron Applications is susceptible to remote code execution by way of cross-site scripting via nodeIntegration by calling require('child_process').exec('COMMAND');.
|
||||
reference:
|
||||
- https://blog.yeswehack.com/yeswerhackers/exploitation/pentesting-electron-applications/
|
||||
- https://book.hacktricks.xyz/pentesting/pentesting-web/xss-to-rce-electron-desktop-apps
|
||||
|
|
Loading…
Reference in New Issue