{"vulnerability": "CVE-2019-12172", "sightings": [{"uuid": "49638a12-1def-46e0-ae2e-b4730a4bbe1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12172", "type": "seen", "source": "https://t.me/cve_mitre_org/72", "content": "CVE-2019-12172 Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\\\\\\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137. https://t.co/GXr6BkmZev\u2014 CVE (@CVEnew) May 17, 2019\n\nMay 18, 2019 at 02:45AM\nvia Twitter https://twitter.com/CVEnew", "creation_timestamp": "2019-05-17T23:47:08.000000Z"}]}