fivex3

1 exploit Active since May 2023
CVE-2023-27035 NOMISEC MEDIUM WORKING POC
Obsidian Canvas 1.1.9 - Unauthenticated Sensitive Web API Access via Embedded Website
An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page.
1 stars
CVSS 6.5