CVE-2023-27035 MEDIUM

CVE-2023-27035

Vendor N/A
Product n/a
Published May 1, 2023
Last update January 30, 2025

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:R

What the vulnerability does

01Description

An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page.

Key dates

02Disclosure timeline

May 1, 2023 CVE published
January 30, 2025 Record updated