VYPR

Telegram Web

by Telegramdesktop

CVEs (3)

  • CVE-2022-43363Dec 6, 2022
    risk 0.00cvss epss 0.00

    Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding.

  • CVE-2021-40532Sep 6, 2021
    risk 0.00cvss epss 0.01

    Telegram Web K Alpha before 0.7.2 mishandles the characters in a document extension.

  • CVE-2018-20436Dec 24, 2018
    risk 0.00cvss epss 0.02

    The "secret chat" feature in Telegram 4.9.1 for Android has a "side channel" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET requests to other URLs on the same web server. This also…