CVE-2019-14551

Name of the Vulnerable Software and Affected Versions Q before 2019-08-02

Description The issue allows web sites to execute arbitrary code on client machines. This can be demonstrated by a cross-origin /install request with an attacker-controlled releaseUrl, which triggers download and execution of code within a ZIP archive.

Recommendations For versions prior to 2019-08-02, at the moment, there is no information about a newer version that contains a fix for this issue.