Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:50 a.m.8 views

CVE-2023-2971

Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/typemark/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text fro...

6.5CVSS6.8AI score0.00446EPSS
Exploits1References1
NVD
NVD
added 2023/08/19 6:15 a.m.28 views

CVE-2023-2971

Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/typemark/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text fro...

6.5CVSS6.2AI score0.00446EPSS
Exploits1References1
OSV
OSV
added 2023/08/19 6:15 a.m.3 views

CVE-2023-2971

Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/typemark/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text fro...

6.5CVSS5.8AI score0.00446EPSS
Exploits1References1
CVE
CVE
added 2023/08/19 5:45 a.m.62 views

CVE-2023-2971

CVE-2023-2971 describes a path handling vulnerability in Typora prior to 1.7.0-dev on Windows and Linux. A crafted webpage or malicious markdown content can trigger access to local files and exfiltration to remote servers via the endpoint typora://app/typemark/. The risk is supported by multiple ...

6.5CVSS6.2AI score0.00446EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/19 5:45 a.m.8 views

CVE-2023-2971 Typora Local File Disclosure

Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/typemark/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text fro...

6.3CVSS6.8AI score0.00446EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/08/19 5:45 a.m.28 views

CVE-2023-2971 Typora Local File Disclosure

Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/typemark/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text fro...

6.3CVSS6.6AI score0.00446EPSS
Exploits1References1
Rows per page
Query Builder