| |
Vulnerability CVE-2024-32152
Published: 2024-07-22
| Description: |
A blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A specially crafted malicious flashcard can lead to an arbitrary file creation at a fixed path. An attacker can share a malicious flashcard to trigger this vulnerability. |
Type:
CWE-184 (Incomplete Blacklist)
References: |
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1994
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
