Vulnerability Details CVE-2021-29467
Wrongthink is an encrypted peer-to-peer chat program. A user could check their fingerprint into the service and enter a script to run arbitrary JavaScript on the site. No workarounds exist, but a patch exists in version 2.4.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.7%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2021-29467
-
cpe:2.3:a:wrongthink_project:wrongthink:-