This advisory documents proof of concept flows for manipulation the HTML tag injection vulnerability discovered in Signal Desktop. Versions affected include 1.7.1, 1.8.0, 1.9.0, 1.10.0, and 1.10.1.
5f9aa1e1147648a40479bc5b43a72f60f8b6d73aedadd62e3613fc7f5288b2b5