electron is vulnerable to authorization bypass. The vulnerability exists through a possible context isolation bypass, allowing Electronapplications using the “contextIsolation” code, running in the main world context in the renderer to reach into the isolated Electron context and perform privileged actions.
github.com/electron/electron/commit/890bd47caf7d0d10da3068f45f46d27aa15f015e
github.com/electron/electron/commit/9f5924c5ea6e0c3a7da37047ecbd8c2975fbe519
github.com/electron/electron/commit/a985865f657e4d0f5dfe2f9874084bd6424fbc0c
github.com/electron/electron/commit/ca11175780bc771e598e503f3b50e0f3f219575a
github.com/electron/electron/security/advisories/GHSA-6vrv-94jv-crrg
www.electronjs.org/releases/stable?page=3#release-notes-for-v824