CVE-2022-43363

Name of the Vulnerable Software and Affected Versions Telegram Web version 15.3.1

Description The issue allows for XSS via a certain payload derived from a Target Corporation website. Some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding.

Recommendations For Telegram Web version 15.3.1, consider disabling the feature that allows processing of payloads from external websites as a temporary workaround until a patch is available. Restrict access to the affected module to minimize the risk of exploitation. Avoid using the affected version until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.