CVE-2019-11928: XSS
First published: Thu Sep 03 2020(Updated: )
An input validation issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed cross-site scripting upon clicking on a link from a specially crafted live location message.
Credit: cve-assign@fb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Whatsapp Whatsapp Desktop | <0.3.4932 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-11928.
What is the severity of CVE-2019-11928?
The severity of CVE-2019-11928 is medium.
What is the affected software?
The affected software is WhatsApp Desktop versions prior to v0.3.4932.
What is the potential impact of this vulnerability?
This vulnerability could allow cross-site scripting upon clicking on a link from a specially crafted live location message.
Is there a fix available for CVE-2019-11928?
Yes, upgrading to WhatsApp Desktop version v0.3.4932 or newer will fix this vulnerability.
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/whatsapp
- canonical/whatsapp whatsapp desktop