Hello,
A security vulnerability has been discovered in the MuWire plugin. It does not affect the standalone desktop client. If you are running a MuWire plugin you should update ASAP.
For more information about the vulnerability as well as updated security recommendations see http://muwire.i2p/security.html
Summary:
An attacker can craft a link that will execute arbitrary javascript in the browser if the MuWire plugin is running. This can lead to de-anonymization, sharing of arbitrary files and possibly access to all functionality of the I2P router console.
Thanks
zab
- Board index 3rdParty MuWire
- Search
-
- It is currently 09 Nov 2024 20:30
- All times are UTC
Security alert for MuWire plugin
The MuWire file sharing application
-
zlatinb
Jump to
- Announcements
- ↳ Blogentries
- ↳ Releases
- Guides
- I2P Router
- ↳ Router
- ↳ Susimail
- ↳ Addressbook
- ↳ I2PSnark
- ↳ Android
- ↳ i2pd
- ↳ i2p+
- Development
- ↳ Proposals
- ↳ I2P Laboratory
- 3rdParty
- ↳ I2P-Bote
- ↳ Plugins
- ↳ Syndie
- ↳ iMule
- ↳ Tahoe-LAFS
- ↳ MuWire
- ↳ BrowserBundle
- General
- ↳ Meetings
- ↳ Talks & Events
- ↳ Misc
- ↳ Hidden Service Announcements
- International
- ↳ Русский
- ↳ Deutsch
- ↳ Espanol
- ↳ العربية
- ↳ فارسی
- ↳ 中文论坛
- Forum Issues