Directory Traversal Vulnerability in MacDown 0.7.1 Allows Arbitrary Program Execution
CVE-2019-12138 · MEDIUM Severity
AV:L/AC:L/AU:N/C:P/I:P/A:P
MacDown 0.7.1 allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note.
Learn more about our Web Application Penetration Testing UK.