CVE-2025-1087 Information

Description

Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that allows attackers to execute arbitrary code. The vulnerability exists due to insufficient validation of user-supplied input when processing template strings which can lead to arbitrary JavaScript execution in the context of the application.

Reference

https://github.com/Kong/insomnia