WhatsApp Web had a flaw which would have allowed an attacker to read files on the desktop. (Image source: Reuters) WhatsApp Web had a flaw which would have allowed an attacker to read files on the desktop. The WhatsApp Web flaw is CVE-2019-18426, and according to the description it was impacting WhatsApp Web or the desktop version of the app. The flaw allowed for “cross-site scripting and local file reading,” when WhatsApp Desktop versions prior 0.3.9309 were paired with WhatsApp for iPhone versions prior to 2.20.10. Facebook says it impacted WhatsApp Desktop prior to v0.3.9309 paired with WhatsApp for iPhone versions prior to 2.20.10.

Source: Indian Express February 05, 2020 07:25 UTC