First published: Mon Jul 23 2018(Updated: )
The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and player content.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Wesnoth The Battle For Wesnoth | >=1.7.0<=1.14.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.