Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown file.
[
{
"vendor": "Takuya Matsuyama",
"product": "Inkdrop",
"versions": [
{
"version": "prior to v5.6.0",
"status": "affected"
}
]
}
]