Security alert for MuWire plugin
Posted: 06 Jul 2021 20:06
Hello,
A security vulnerability has been discovered in the MuWire plugin. It does not affect the standalone desktop client. If you are running a MuWire plugin you should update ASAP.
For more information about the vulnerability as well as updated security recommendations see http://muwire.i2p/security.html
Summary:
An attacker can craft a link that will execute arbitrary javascript in the browser if the MuWire plugin is running. This can lead to de-anonymization, sharing of arbitrary files and possibly access to all functionality of the I2P router console.
Thanks
zab
A security vulnerability has been discovered in the MuWire plugin. It does not affect the standalone desktop client. If you are running a MuWire plugin you should update ASAP.
For more information about the vulnerability as well as updated security recommendations see http://muwire.i2p/security.html
Summary:
An attacker can craft a link that will execute arbitrary javascript in the browser if the MuWire plugin is running. This can lead to de-anonymization, sharing of arbitrary files and possibly access to all functionality of the I2P router console.
Thanks
zab