CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
55.1%
Janetter is a client software for using Twitter. Janetter contains a cross-site request forgery vulnerability.
When a malicious page is opened with a web browser while Janetter is being used, the user may be impersonated to post tweets, upload local image files, and OS commands may be executed with the privileges of Janetter.
Update the software
Update to the latest version according to the information provided by the developer.
According to the developer, the Windows version of Janetter contains an automatic update feature. This feature automatically updates Janetter once a day.