You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Summary:
Thank you for designing the Jasper Desktop Application and for making it open source. The application does a great job of using secure practices and limiting in-app navigation. We point to ways that these practices can be better enforced.
Platform(s) Affected:
MacOS, Windows, Linux
Steps To Reproduce:
Open the Jasper Desktop Application with --remote-debugging-port=8315. In your Chromium-based browser, navigate to localhost:8315 and interact with the application via the DevTools console.
[Navigate to Malicious Site] Within the address bar, update the location, to say, window.open(“[https://malicious.com](https://google.com/)”). This site is loaded in a new window within the application. While Jasper adds a listener on Electron’s will-navigate, it does not add a similar handler to setWindowOpenHandler().
[Keeping up-to-date w/ Electron.js]: The application uses an old version of Electron.js (v18.0.4) and Chromium (v100.0.4896.75) which is vulnerable to numerous known V8 and Blink attacks. Upgrading to an even newer version will be a great idea as well [Link]
–
Mir Masood Ali, PhD student, University of Illinois Chicago
Mohammad Ghasemisharif, PhD Candidate, University of Illinois Chicago
Chris Kanich, Associate Professor, University of Illinois Chicago
Jason Polakis, Associate Professor, University of Illinois Chicago
The text was updated successfully, but these errors were encountered:
Summary:
Thank you for designing the Jasper Desktop Application and for making it open source. The application does a great job of using secure practices and limiting in-app navigation. We point to ways that these practices can be better enforced.
Platform(s) Affected:
MacOS, Windows, Linux
Steps To Reproduce:
Open the Jasper Desktop Application with
--remote-debugging-port=8315. In your Chromium-based browser, navigate tolocalhost:8315and interact with the application via the DevTools console.[Navigate to Malicious Site] Within the address bar, update the location, to say,
window.open(“[https://malicious.com](https://google.com/)”). This site is loaded in a new window within the application. While Jasper adds a listener on Electron’swill-navigate, it does not add a similar handler tosetWindowOpenHandler().[Keeping up-to-date w/ Electron.js]: The application uses an old version of Electron.js (v18.0.4) and Chromium (v100.0.4896.75) which is vulnerable to numerous known V8 and Blink attacks. Upgrading to an even newer version will be a great idea as well [Link]
–
Mir Masood Ali, PhD student, University of Illinois Chicago
Mohammad Ghasemisharif, PhD Candidate, University of Illinois Chicago
Chris Kanich, Associate Professor, University of Illinois Chicago
Jason Polakis, Associate Professor, University of Illinois Chicago
The text was updated successfully, but these errors were encountered: