Remote Code Execution in MacDown 0.7.1 (870) via file:\\\ URI in HREF Attribute
CVE-2019-12173 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
MacDown 0.7.1 (870) allows remote code execution via a file:\\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138.
Learn more about our Web Application Penetration Testing UK.