The host is installed with Geforce Experience prior to 3.23 and is prone to a spoofing attack vulnerability. A flaw is present in the application, which fails to properly handle special formatted links. Successful exploitation allows remote attackers can create a specially crafted link that opens the GeForce Experience login page in a new browser tab instead of the GeForce Experience application and enters their login information, the malicious site can get access to the token of the user login session.