CVE-2023-25303 Information

Description

ATLauncher <= 3.4.26.0 is vulnerable to Directory Traversal. A mrpack file can be maliciously crafted to create arbitrary files outside of the installation directory.

Reference

https://quiltmc.org/en/blog/2023-02-04-five-installer-vulnerabilities/ https://github.com/ATLauncher/ATLauncher/security/advisories/GHSA-7cff-8xv4-mvx6