CVE-2016-1573

Name of the Vulnerable Software and Affected Versions Unity8 versions prior to 8.11+16.04.20160122-0ubuntu1

Description The issue allows execution of arbitrary code when a fallback image supplied by a scope is used in place of a legitimate image. This is due to a flaw in the file plugins/Dash/CardCreator.js.

Recommendations For Unity8 versions prior to 8.11+16.04.20160122-0ubuntu1, consider restricting the use of the CardCreator.js file in the plugins/Dash directory until a patch is available. Avoid using the fallback image feature in the affected scope until the issue is resolved.