WhatsApp Desktop < 0.3.9309 and WhatsApp for iPhone < 2.20.10 - Cross-Site Scripting via Link Preview
A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site scripting and local file reading. Exploiting the vulnerability requires the victim to click a link preview from a specially crafted text message.