mangadex-downloader is vulnerable to information disclosure. The vulnerability exists due to the improper url path validation in the validate_url
function of validator.py
, allowing an attacker to open and read files from the local disk through the commands such as file:
and ``
CPE | Name | Operator | Version |
---|---|---|---|
mangadex-downloader | le | 1.7.1 | |
mangadex-downloader | le | 1.7.1 |