CVE-2023-44141

Summary

Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown file.

Affected Software

VendorProductVersion RangeStatus
Takuya MatsuyamaInkdropprior to v5.6.0affected

Weaknesses

  • Code injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References