iTerm2 up to and including 3.3.6 has potentially insufficient documentation about the presence of search history in com.googlecode.iterm2.plist, which might allow remote malicious users to obtain sensitive information, as demonstrated by searching for the NoSyncSearchHistory string in .plist files within public Git repositories.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
iterm2 iterm2 |