Discord 0-click XSS to RCE (2022)IPC allowlist bypass allowing to arbitary IPC calls setting a malicious update endpoint
Discord 1-click XSS to RCE (2020)Path traversal in an Electron app leading to NodeJS execution from browser