Ankitects Anki arbitrary script execution vulnerability
High severity
GitHub Reviewed
Published
Jul 22, 2024
to the GitHub Advisory Database
•
Updated Nov 18, 2024
Description
Published by the National Vulnerability Database
Jul 22, 2024
Published to the GitHub Advisory Database
Jul 22, 2024
Reviewed
Jul 25, 2024
Last updated
Nov 18, 2024
An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability.
References