Vulnerability Details CVE-2021-33501
Overwolf Client 0.169.0.22 allows XSS, with resultant Remote Code Execution, via an overwolfstore:// URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.125
EPSS Ranking 93.7%
CVSS Severity
CVSS v3 Score 9.6
CVSS v2 Score 9.3
References
- https://github.com/swordbytes/Advisories/blob/master/2021/Advisory_CVE-2021-33501.pdf
- https://swordbytes.com/blog/security-advisory-overwolf-1-click-remote-code-execution-cve-2021-33501/
- https://www.overwolf.com
- https://github.com/swordbytes/Advisories/blob/master/2021/Advisory_CVE-2021-33501.pdf
- https://swordbytes.com/blog/security-advisory-overwolf-1-click-remote-code-execution-cve-2021-33501/
- https://www.overwolf.com