0.11.4

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-21	CVE-2020-24772	Origin Validation Error vulnerability in Clash Project Clash 0.11.4 In Dreamacro Clash for Windows v0.11.4, an attacker could embed a malicious iframe in a website with a crafted URL that would launch the Clash Windows client and force it to open a remote SMB share. network low complexity clash-project CWE-346	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.