Filips123

#26689 of 53,622
9.6 Total CVSS
Vulnerabilities · 1
PT-2024-25034
9.6
2024-05-03
Unknown · Pwasforfirefox · CVE-2024-32986
**Name of the Vulnerable Software and Affected Versions**

PWAsForFirefox versions prior to 2.12.0

**Description**

The issue arises from improper sanitization of web app properties, such as `name`, `description`, and `shortcuts`, allowing malicious web apps to inject additional lines into XDG Desktop Entries on Linux and `AppInfo.ini` on PortableApps.com. This enables malicious web apps to introduce keys like `Exec`, which can run arbitrary code when the affected web app is launched. The vulnerability affects Linux and PortableApps.com users. There are no known workarounds for this issue.

**Recommendations**

For PWAsForFirefox versions prior to 2.12.0, update to version 2.12.0 as soon as possible to fix the vulnerability. It is also recommended for Windows and macOS users to update to this version, as it contains additional fixes related to properties sanitization.
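The line-injection problem described above, for the XDG Desktop Entry case, shown as an added example that is not PWAsForFirefox code or its actual 2.12.0 fix. It assumes values are escaped with the Desktop Entry string escapes (`\\`, `\n`, `\r`, `\t`); the function names, the launcher command and the sample web app name are constructed for illustration.

```python
# Added example: hypothetical helpers, constructed sample data.
ESCAPES = {"\\": "\\\\", "\n": "\\n", "\r": "\\r", "\t": "\\t"}

# Constructed web app name carrying an embedded newline and an extra key.
SAMPLE_NAME = "Notes\nExec=/tmp/placeholder-command"
SAMPLE_EXEC = "launcher-placeholder site launch SITE-ID"  # hypothetical command


def escape_value(value: str) -> str:
    """Keep a Desktop Entry string value on one line: escape, then drop controls."""
    out = []
    for ch in value:
        if ch in ESCAPES:
            out.append(ESCAPES[ch])
        elif ch.isprintable():  # drops remaining control and line-separator chars
            out.append(ch)
    return "".join(out)


def render_entry(name: str, description: str, exec_line: str, sanitize: bool = True) -> str:
    """Build a minimal entry; sanitize=False reproduces the unescaped behaviour."""
    fix = escape_value if sanitize else (lambda v: v)
    lines = [
        "[Desktop Entry]",
        "Type=Application",
        f"Name={fix(name)}",
        f"Comment={fix(description)}",
        f"Exec={exec_line}",
    ]
    return "\n".join(lines) + "\n"


def keys_in_main_group(entry_text: str) -> list:
    """List the keys of [Desktop Entry] in file order, one per physical line."""
    keys, in_group = [], False
    for line in entry_text.split("\n"):
        line = line.strip()
        if line.startswith("["):
            in_group = line == "[Desktop Entry]"
        elif in_group and "=" in line and not line.startswith("#"):
            keys.append(line.split("=", 1)[0].strip())
    return keys


def has_duplicate_keys(entry_text: str) -> bool:
    """Audit check: a repeated key such as Exec is a sign of injected lines."""
    keys = keys_in_main_group(entry_text)
    return len(keys) != len(set(keys))
```

`has_duplicate_keys` can also be run over already-installed `.desktop` files to flag entries written before the update.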