Skip to main content

CVE-2023-27035

Description

An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page.

NVD
Severity: HIGH
CVE ID: CVE-2023-27035
CVSS Score: 7.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

MITRE
Severity: MEDIUM
CVE ID: CVE-2023-27035
CVSS Score: 6.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Refrence: NVD MITRE

Proof Of Concept

fivex3

Refrence: GitHub

Description
Proof Of Concept