Impact
Users of MuWire desktop client can be de-anonymized by an attacker who knows their full id.
Patches
Problem is fixed in MuWire 0.8.8
Workarounds
Users can disable messaging functionality and will be safe.
Description
Input from network was not being sanitized for HTML entities. An attacker could send a message with a subject like:
<html><img src="https://my.tracking.server.com"/></html>
and the MuWire would try to fetch that image via clearnet, thus exposing the IP address of the user.
For more information
If you have any questions or comments about this advisory:
Impact
Users of MuWire desktop client can be de-anonymized by an attacker who knows their full id.
Patches
Problem is fixed in MuWire 0.8.8
Workarounds
Users can disable messaging functionality and will be safe.
Description
Input from network was not being sanitized for HTML entities. An attacker could send a message with a subject like:
and the MuWire would try to fetch that image via clearnet, thus exposing the IP address of the user.
For more information
If you have any questions or comments about this advisory: