[ankurdhama]

My assumption here is that if the link is web link it will open that link in web browser but Windows (and other OSes) have custom URL handlers that open whatever app is registered for that URL and that app may have issues that causes it to download and run arbitrary code.

[colinsane]

Windows and other OSes have application launchers that open whatever app you want, and those apps may have issues that cause it to download and run arbitrary code. if that's the logic here, then every application launcher is vulnerable to similar RCE.

if there's really nothing more to this 8.8 RCE CVE than that, this will finally be the thing that's makes me blackhole cve.org.