| |
Podatność CVE-2024-32152
Publikacja: 2024-07-22
| Opis: |
A blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A specially crafted malicious flashcard can lead to an arbitrary file creation at a fixed path. An attacker can share a malicious flashcard to trigger this vulnerability. |
Typ:
CWE-184 (Incomplete Blacklist)
Referencje: |
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1994
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
Polish
English