POC Jamovi <=1.6.18 is affected by a cross-site scripting (XSS) vulnerability. The column-name is vulnerable to XSS in the ElectronJS Framework. An attacker can make a .omv (Jamovi) document containing a payload. When opened by victim, the payload is triggered.
CVE-2021-28079 - POC Jamovi <=1618 is affected by a cross-site scripting (XSS) vulnerability The column-name is vulnerable to XSS in the ElectronJS Framework An attacker can make a omv (Jamovi) document containing a payload When opened by victim, the payload is triggered 🔥\> file exampleomv exampleomv: Zip archive data, at least v20 to extract