This also meant he was able to get read permissions from the local file system on the app. PerimeterX researcher Weizman dug deep into the WhatsApp Content Security Policy (CSP) and it was here that he found the "gap" that enabled him to perform "bypasses and cross-site scripting" exploits on the desktop app itself. Getting technical and diving into the WhatsApp Content Security Policy However, the starting point is so large that we could still well be talking hundreds of thousands, if not millions. Because this vulnerability, as devastatingly simple and dangerous as it is, can only be exploited by those users with an older desktop app connected to their older iPhone app, the number of people at risk is reduced even further. While WhatsApp itself is said to have 1.5 billion active monthly users, the number of those who are using the app on an iPhone is not known.
0 kommentar(er)
