logoalt Hacker News

deanctoday at 6:42 PM1 replyview on HN

Presumably this affects all electron apps which embed chrome too? Don’t they pin the chrome version?


Replies

comextoday at 6:43 PM

Yes, but it's only a vulnerability if the app allows rendering untrusted HTML or visiting untrusted websites, which most Electron apps don't.