CVE-2022-24075

Summary

Whale browser before 3.12.129.18 allowed extensions to replace JavaScript files of the HWP viewer website which could access to local HWP files. When the HWP files were opened, the replaced script could read the files.

Affected Software

VendorProductVersion RangeStatus
NAVERNAVER Whale browserunspecified < 3.12.129.46affected

Weaknesses

  • CWE-552: CWE-552: Files or Directories Accessible to External Parties

ADP Enrichment

CVE Program Container

Additional References

References