3 matches found
CVE-2023-2316
Improper path handling in Typora before 1.6.7 on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious...
CVE-2023-2316
Typora (Windows/Linux) prior to 1.6.7 is affected by an improper path handling vulnerability that lets a crafted webpage access local files and exfiltrate them via the typora://app/ protocol. Exploitation can occur when a user opens a malicious Markdown file or pastes text from a malicious page, ...
CVE-2023-2316 Typora Local File Disclosure
Improper path handling in Typora before 1.6.7 on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious...