ItemStack Meta Injection Vulnerability in Minetest

ItemStack Meta Injection Vulnerability in Minetest

CVE-2022-24300 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection.

Learn more about our User Device Pen Test.