Vulnerabilities
Vulnerable Software
Rakuten:  >> Viber  >> 13.0.0.75  Security Vulnerabilities
Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface
CVSS Score
6.3
EPSS Score
0.0
Published
2025-09-12
Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this issue exists because of an incomplete fix for CVE-2019-12569.
CVSS Score
7.5
EPSS Score
0.005
Published
2020-06-22


Contact Us

Shodan ® - All rights reserved