CVE-2021-38148: Obsidian does not require user confirmation for non-http/https URLs.

Severity: Critical

CVSS Score: 9.8

Obsidian before 0.12.12 does not require user confirmation for non-http/https URLs.