The flaw in the Older version of the WhatsApp’s desktop has let the attackers insert JavaScript into messages and remotely access target files from a Windows or a Mac computer.
The flaw was first reported by PerimeterX researcher Gal Weizman. He also revealed a mix of multiple high-security vulnerabilities that exist within the WhatsApp web. According to the report, the WhatsApp web vulnerability has been tracked as CVE-2019-18426, which allowed for cross-site scripting (XSS).
The report further stated that the vulnerabilities affect WhatsApp’s desktop software from version 0.3.9309 and earlier, as well as people who connected the app with WhatsApp’s iOS editions before 2.20.10.
This is not the first WhatsApp being reported with their app flaws. Just a few months back, researchers of Check Point had reported another WhatsApp serious vulnerability that led to group chat crash the moment a destructive message was introduced by the hackers in the chat, leading the entire group chat history being deleted forever.
The solution advised is to install the latest version and regularly updating the app. Such vulnerabilities creep in to your app if you are not persistently updating it.
