This advisory documents proof of concept flows for manipulation the HTML tag injection vulnerability discovered in Signal Desktop. Versions affected include 1.7.1, 1.8.0, 1.9.0, 1.10.0, and 1.10.1.
5f9aa1e1147648a40479bc5b43a72f60f8b6d73aedadd62e3613fc7f5288b2b5
Signal Desktop suffers from an HTML injection vulnerability.
7342445a2a81bafeda692b4072a1691a6690f325366e6a19c447cb00b1ecd5e3