CVE-2022-44875

Publication date

2023-03-06 00:00:00

Family

mitre

State

PUBLISHED

Description

KioWare through 8.33 on Windows sets KioScriptingUrlACL.AclActions.AllowHigh for the about:blank origin, which allows attackers to obtain SYSTEM access via KioUtils.Execute in JavaScript code.