CVE-2023-29478 Information

Description

BiblioCraft before 2.4.6 does not sanitize path-traversal characters in filenames allowing restricted write access to almost anywhere on the filesystem. This includes the Minecraft mods folder which results in code execution.

Reference

https://github.com/Exopteron/BiblioRCE