Vendor

Enchant97

1 brief RSS

Note Mark Arbitrary File Write via Path Traversal Leads to Remote Code Execution

Note Mark is vulnerable to arbitrary file write via path traversal in asset names, leading to remote code execution by overwriting system binaries such as /bin/bash.

note-mark/backend path-traversal rce web-application

3r 4t Jan 9, 2024