Dino Messenger Vulnerability Allows Check Bypass

Dino, a communication client, has released corrective updates for its versions 0.4.2 and 0.5 to address a security vulnerability. The vulnerability, identified as CVE-2023-28686, allowed unauthorized users to execute several malicious actions, including adding, changing, or removing entries in personal bookmarks of another user without any victim interaction necessary.

Furthermore, the vulnerability allowed attackers to manipulate group chats by changing their display, adding or removing users, and even accessing sensitive information. The flaw was exploited by sending a specially designed message to the victim.

Dino’s latest updates have eliminated the vulnerability, ensuring that users are safe from any attack exploiting this particular flaw. The company urges all users to download the updates as soon as possible to stay protected from potential security risks.

The corrected versions of Dino can be accessed on their official website, and all users are advised to stay alert and ensure that they apply all necessary updates to keep their systems and information safe from attack.

/Reports, release notes, official announcements.