An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to execute arbitrary code via a crafted script to the nwjs framework component.
The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Weave_desktop | Weave | 7.78.10 (including) | 7.84.1 (including) |