CVE-2022-23603 Information
Jun 07, 2022
cve
Description
iTunesRPC-Remastered is a discord rich presence application for use with iTunes & Apple Music. In code before commit 24f43aa user input is not properly sanitized and code injection is possible. Users are advised to upgrade as soon as is possible. There are no known workarounds for this issue.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Reference
https://github.com/bildsben/iTunesRPC-Remastered/security/advisories/GHSA-3xpp-rhqx-cw96 https://github.com/bildsben/iTunesRPC-Remastered/commit/54b02d9f3a94de94e4fb471908b8cf798e62e411 https://github.com/bildsben/iTunesRPC-Remastered/commit/24f43aac0f4116b3d89fdbe973ba92c6cfb0d998
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
6.1
Share on: