An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page.
Metrics
CVSS Version: 3.1 |
Base Score: 6.5 MEDIUM Vector: CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:R