Arbitrary Command Execution Vulnerability in Markdown Preview Enhanced v0.6.5 and v0.19.6

Arbitrary Command Execution Vulnerability in Markdown Preview Enhanced v0.6.5 and v0.19.6

CVE-2022-45026 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue in Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom allows attackers to execute arbitrary commands during the GFM export process.

Learn more about our Web Application Penetration Testing UK.