Wrongthink Project: Security Vulnerabilities
Wrongthink is an encrypted peer-to-peer chat program. A user could check their fingerprint into the service and enter a script to run arbitrary JavaScript on the site. No workarounds exist, but a patch exists in version 2.4.1.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-04-22