Vulnerability: Message Deletion Advertised but Retrievable in Wire for Windows

Vulnerability: Message Deletion Advertised but Retrievable in Wire for Windows

CVE-2022-43673 · MEDIUM Severity

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Wire through 3.22.3993 on Windows advertises deletion of sent messages; nonetheless, all messages can be retrieved (for a limited period of time) from the AppData\Roaming\Wire\IndexedDB\https_app.wire.com_0.indexeddb.leveldb database.

Learn more about our Web Application Penetration Testing UK.