ASA-2019-00072 – Electron: Vulnerability that allowed Node to be re-enabled in child Windows

A code vulnerability has been discovered that allows Node to be re-enabled in child windows. Opening a BrowserView with sandbox: true or nativeWindowOpen: true and nodeIntegration: false results in a webContents where window.open can be called and the newly opened child window will have nodeIntegration enabled.