Security alert for MuWire plugin

The MuWire file sharing application
Post Reply
zlatinb

Security alert for MuWire plugin

Post by zlatinb »

Hello,

A security vulnerability has been discovered in the MuWire plugin. It does not affect the standalone desktop client. If you are running a MuWire plugin you should update ASAP.

For more information about the vulnerability as well as updated security recommendations see http://muwire.i2p/security.html

Summary:

An attacker can craft a link that will execute arbitrary javascript in the browser if the MuWire plugin is running. This can lead to de-anonymization, sharing of arbitrary files and possibly access to all functionality of the I2P router console.

Thanks
zab
Post Reply