Skip to main content
← Back to Advisories

Pexip Infinity Connect Arbitrary JavaScript Execution

MEDIUM CVE-2024-25973
Dominik Penner's profile picture

Dominik Penner @zer0pwn

Jake Bolam's profile picture

Jake Bolam @xixasec

DESCRIPTION

A vulnerability in Pexip Infinity Connect allows arbitrary JavaScript execution through the application's interface.

DETAILS

The Pexip Infinity Connect client contains a vulnerability that allows arbitrary JavaScript execution through the application’s interface. This could potentially allow an attacker to execute malicious code in the context of the application.

AFFECTING

  • Pexip Infinity Connect • 1.13.0 for Windows, macOS, Linux, Android, iOS