Cross-Site Scripting Vulnerability in WhatsApp Desktop by Facebook
CVE-2019-11928
6.1MEDIUM
What is CVE-2019-11928?
An input validation flaw in WhatsApp Desktop versions prior to v0.3.4932 may allow attackers to exploit cross-site scripting (XSS) vulnerabilities. This issue can be triggered through specially crafted live location messages containing malicious links, potentially compromising the security of users who click on these links.
Affected Version(s)
WhatsApp Desktop 0.3.4932
WhatsApp Desktop < 0.3.4932