id: node-integration-enabled info: name: Electron Applications - Cross-Site Scripting & Remote Code Execution author: me9187 severity: critical description: | Electron Applications is susceptible to remote code execution by way of cross-site scripting via nodeIntegration by calling require('child_process').exec('COMMAND');. reference: - https://blog.yeswehack.com/yeswerhackers/exploitation/pentesting-electron-applications/ - https://book.hacktricks.xyz/pentesting/pentesting-web/xss-to-rce-electron-desktop-apps tags: electron,file,nodejs file: - extensions: - all matchers: - type: word words: - "nodeIntegration: true"