Medium severity6.5NVD Advisory· Published Apr 9, 2022· Updated Jun 17, 2026
CVE-2022-26877
CVE-2022-26877
Description
Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local files if they can trick the Asana desktop app into loading a malicious web page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Asana/Asana Desktopdescription
- Range: <1.6.0
Patches
Vulnerability mechanics
References
2- forum.asana.com/t/asana-desktop-app-security-update/160477nvdRelease NotesVendor Advisory
- asana.comnvdProduct
News mentions
0No linked articles in our index yet.