CVE-2019-12173 · Vexday

CVE-2019-12173

EPSS 3.8%

MacDown 0.7.1 (870) allows remote code execution via a file:\\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/MacDownApp/macdown/issues/1050