CVE-2013-5725 Information

Description

The Metaclassy Byword app 2.x before 2.1 for iOS does not require confirmation of Replace file actions which allows remote attackers to overwrite arbitrary files via the name and text parameters in a byword://replace URL.

Reference

http://archives.neohapsis.com/archives/bugtraq/2013-09/0145.html