Unintended API Access Vulnerability in Obsidian before 1.2.2

Unintended API Access Vulnerability in Obsidian before 1.2.2

CVE-2023-33244 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Obsidian before 1.2.2 allows calls to unintended APIs (for microphone access, camera access, and desktop notification) via an embedded web page.

Learn more about our Cis Benchmark Audit For Desktop Software.