Affected versions of this package are vulnerable to Information Exposure. IPC messages sent from the main process to a subframe in the renderer process, through
event.reply or when using the
remote module, can in some cases be delivered to the wrong frame.
electron to version 9.4.0, 10.2.0, 11.1.0, 12.0.0-beta.9 or higher.