WhatsApp just fixed another dangerous bug in its desktop app

Facebook-owned instant messaging app WhatsApp has been infected by a new bug, according to a report by a PerimeterX researcher Gal Weizman. The vulnerability that has been discovered has enabled hackers to remotely access files from a Windows or Mac computer.
The said vulnerability is said to be an amalgamating of several flaws that are there in the desktop app of WhatsApp and even were part of WhatsApp Web client that works on web browsers such as Google Chrome and Safari.
As per the report, the vulnerability lies in WhatsApp’s Content Security Policy (CSP) that could be exploited to send manipulated messages and links using Cross-Site Scripting (XSS). The researcher was able tweak the url and send a malicious link instead of the legit link by including legitimate looking banner.
“Messages with rich preview banners are messages that include banners with extra information regarding a link that is in the body of the message. On WhatsApp the banner is being generated on the side of the sender and this is an important point to understand.