CVE-2023-1004

Name of the Vulnerable Software and Affected Versions MarkText versions up to 0.17.1

Description A critical vulnerability has been found in MarkText, affecting an unknown functionality of the component WSH JScript Handler. The manipulation leads to code injection, requiring local access to approach this attack. The exploit has been disclosed to the public and may be used.

Recommendations For MarkText versions up to 0.17.1, update to a version later than 0.17.1 to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.