CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Whatsapp iOS 2.19.80 and prior and Android 2.19.222 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages.

**CWE-451: User Interface (UI) Misrepresentation of Critical Information.**

> _The user interface does not properly represent critical information to the user, allowing the information to be spoofed. This is often a component in online scams, phishing and disinformation propagation._

When a message contains a valid URL, it is highlighted and marked as hyperlink. However, this is printed to screen before sanitizing Unicode Control Characters, which results in URI spoofing via specially crafted messages.

`Affects all recent distributions of iOS iMessage, WhatsApp, Instagram, and Facebook Messenger as of 2019.8.15`

WhatsApp

Instagram DM

![POCW](https://github.com/zadewg/RIUS/raw/master/whatsapp.gif)

![POCI](https://github.com/zadewg/RIUS/raw/master/instagram.gif)

**mapez** - telegram

Headline

CVE-2020-20096: GitHub - zadewg/RIUS: RTLO Injection URI Spoofing

CVE: Latest News