Vulnerabilities > CVE-2022-26877 - Files or Directories Accessible to External Parties vulnerability in Asana Desktop
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local files if they can trick the Asana desktop app into loading a malicious web page.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |