CVE-2023-33188

Name of the Vulnerable Software and Affected Versions Omni-notes versions prior to 6.2.7

Description The Omni-notes Android app has an issue with insufficient path validation when displaying note details received through an externally-provided intent. This allows malicious applications on the same device to force Omni-notes to copy files from its internal storage to the external storage directory, making them accessible to any component with permission to read the external storage.

Recommendations Update to version 6.2.7 of Omni-notes Android to fix the issue.