CVE-2022-24762

Name of the Vulnerable Software and Affected Versions sysend.js versions prior to 1.10.0

Description The issue affects users who use cross-origin communication, potentially allowing their communications to be intercepted. However, the impact is limited because the communication occurs within the same browser. There is no information about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For versions prior to 1.10.0, update to version 1.10.0 to resolve the issue. As a temporary workaround, consider avoiding sending communications that a user does not want to have intercepted via sysend messages.