CVE-2023-2316

moderate-risk

Published 2023-08-19

Improper path handling in Typora before 1.6.7 on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/<absolute-path>". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and paste it into Typora.

Do I need to act?

0.37% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.4/10 High

NETWORK / LOW complexity

Affected Products (1)

Typora

Affected Vendors

Typora

References (4)

Exploit https://starlabs.sg/advisories/23/23-2316/

Vendor Advisory https://support.typora.io/What's-New-1.6/

Exploit https://starlabs.sg/advisories/23/23-2316/

Vendor Advisory https://support.typora.io/What's-New-1.6/

/ 100

moderate-risk

Severity 26/34 · High

Exploitability 1/34 · Minimal

Exposure 5/34 · Minimal