Path Traversal in Facebook Whatsapp Business For Ios

CVE-2020-1904

A path validation issue in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have allowed for directory traversal overwriting files when sending specially crafted docx, xlsx, and pptx files as attachm…

EPSS: 0.005 (64.1th percentile) — read the EPSS interpretation.

Affected products

Facebook Whatsapp Business For Ios — versions 2.20.61, unspecified
Facebook Whatsapp For Ios — versions 2.20.61, unspecified

Weakness classification (CWE)

CWE-23 — Relative Path Traversal

References

www.whatsapp.com/security/advisories/2020/ (x_refsource_CONFIRM)