PT-2023-20018 · Unknown · Prism Launcher

Akarys42 · Published 2023-03-06 · Updated 2024-03-08 · CVE-2023-25304

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Prism Launcher versions up to v6.1

Description

The issue allows attackers to perform a directory traversal by way of a crafted .mrpack file. Importing such a file can potentially lead to unauthorized access to sensitive directories.

Recommendations

For Prism Launcher versions up to v6.1, update to a version later than v6.1 to resolve the issue. As a temporary workaround, consider restricting the import of .mrpack files from untrusted sources until a patch is available.

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2023-25304
GHSA-WXGX-8V36-MJ2M

Affected Products

Prism Launcher