Skip to main content

CVE-2024-23743

Description

Notion through 3.1.0 on macOS might allow code execution because of RunAsNode and enableNodeClilnspectArguments. NOTE: the vendor states "the attacker must launch the Notion Desktop application with nonstandard flags that turn the Electron-based application into a Node.js execution environment."

NVD
Severity: LOW
CVE ID: CVE-2024-23743
CVSS Score: 3.3
CVSS Metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Refrence: NVDMITRE

Proof Of Concept

giovannipajeu1

Refrence: GitHub

Last updated on by Vulnerability_bot_v1.3.8