PT-2026-2421 · Outline · Outline
Milad Karimi
·
Published
2026-01-13
·
Updated
2026-02-02
·
CVE-2023-54331
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Outline version 1.6.0
Description
The software contains an unquoted service path, potentially allowing local attackers to execute arbitrary code with elevated system privileges. Exploitation involves the unquoted service path in the
OutlineService executable, which could allow injection of malicious code to be executed with LocalSystem permissions.Recommendations
Apply appropriate quoting to the service path for the
OutlineService executable.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Outline