Rakuten · Viber Desktop · CVE-2025-55996
Name of the Vulnerable Software and Affected Versions:
Viber Desktop version 25.6.0
Description:
Viber Desktop version 25.6.0 is susceptible to HTML Injection through the `text` parameter within the message compose/forward interface.
Recommendations:
As a temporary workaround, sanitize the `text` parameter to remove potentially malicious HTML code before sending or forwarding messages.