{"vulnerability": "CVE-2020-35717", "sightings": [{"uuid": "9669ef3e-08ee-49fd-b044-5bceef7579e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35717", "type": "seen", "source": "https://t.me/cibsecurity/21507", "content": "\u203c CVE-2020-35717 \u203c\n\nzonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because nodeIntegration in webPreferences is true).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-01T12:32:39.000000Z"}, {"uuid": "a302e883-f634-441f-9af6-ef2d4a8681a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35717", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2444", "content": "#exploit\nCVE-2020-35717:\nRCE Through Cross-Site Scripting In Electron Apps\nhttps://medium.com/bugbountywriteup/remote-code-execution-through-cross-site-scripting-in-electron-f3b891ad637", "creation_timestamp": "2024-09-16T16:07:25.000000Z"}]}