CVE-2021-20745

CVE-2021-20745

EPSS 1.0%

Inkdrop versions prior to v5.3.1 allows an attacker to execute arbitrary OS commands on the system where it runs by loading a file or code snippet containing an invalid iframe into Inkdrop.

Affected products

Takuya Matsuyama · Inkdrop

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://docs.inkdrop.app/releases/5.3.1 https://jvn.jp/en/jp/JVN29949691/index.html https://www.inkdrop.app/