Vulnerability Details CVE-2013-5725
The Metaclassy Byword app 2.x before 2.1 for iOS does not require confirmation of Replace file actions, which allows remote attackers to overwrite arbitrary files via the name and text parameters in a byword://replace URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.5%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2013-5725
-
cpe:2.3:a:metaclassy:byword:2.0.0
-
cpe:2.3:a:metaclassy:byword:2.0.1
-
cpe:2.3:a:metaclassy:byword:2.0.2
-
cpe:2.3:a:metaclassy:byword:2.0.3