[PoC] Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)
CVE-2022-45025 Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom) Description The Mume markdown tool library was vulnerable to command injection due to use of spawn command with {shell: true} option This could allow an attacker to achieve arbitary code execution by tricking victim into opening specially crafted Markdown file using VSCode or Atom The