Mansuf

**Name of the Vulnerable Software and Affected Versions** mangadex-downloader versions 1.3.0 through 1.7.2 **Description** The issue occurs when using the `file:<location>` command with a web URL location, causing the mangadex-downloader to attempt to open and read a file on the local disk for each line of website content. This could potentially allow unauthorized access to local files. The app only reads the files without executing them, but it is still a significant concern. **Recommendations** For mangadex-downloader versions 1.3.0 through 1.7.1, update to version 1.7.2 or later to resolve the issue. For version 1.7.2, no further action is required as it contains a patch for this issue. As a temporary workaround for versions prior to 1.7.2, consider double-checking the URL before proceeding to download.