Critical vulnerability in Slack desktop app could lead to remote code execution
Posted: Mon Oct 14, 2024 6:41 am
A critical vulnerability in business communications app Slack could allow remote code execution (RCE).
The bug in the desktop application was discovered by researcher oskarsv, who reported the flaw through Slack’s HackerOne bug bounty program.
However the billion-dollar company has been slammed for offering what critics have described as a low payment for a high severity bug.
https://portswigger.net/daily-swig/crit ... -execution
The bug in the desktop application was discovered by researcher oskarsv, who reported the flaw through Slack’s HackerOne bug bounty program.
However the billion-dollar company has been slammed for offering what critics have described as a low payment for a high severity bug.
https://portswigger.net/daily-swig/crit ... -execution