XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server.
CVSS Score
8.8
EPSS Score
0.008
Published
2022-06-13