Directory Traversal Vulnerability in MacDown 0.7.1 Allows Arbitrary Program Execution

Directory Traversal Vulnerability in MacDown 0.7.1 Allows Arbitrary Program Execution

CVE-2019-12138 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

MacDown 0.7.1 allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note.

Learn more about our Web Application Penetration Testing UK.