Description
iTunesRPC-Remastered is a discord rich presence application for use with iTunes & Apple Music. In code before commit 24f43aa user input is not properly sanitized and code injection is possible. Users are advised to upgrade as soon as is possible. There are no known workarounds for this issue.
References (3)
Core 3
Core References
Patch, Third Party Advisory x_refsource_confirm
https://github.com/bildsben/iTunesRPC-Remastered/security/advisories/GHSA-3xpp-rhqx-cw96
Patch, Third Party Advisory x_refsource_misc
https://github.com/bildsben/iTunesRPC-Remastered/commit/24f43aac0f4116b3d89fdbe973ba92c6cfb0d998
Patch, Third Party Advisory x_refsource_misc
https://github.com/bildsben/iTunesRPC-Remastered/commit/54b02d9f3a94de94e4fb471908b8cf798e62e411
Scores
CVSS v3
9.9
EPSS
0.0037
EPSS Percentile
59.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-116
Status
published
Products (1)
itunesrpc-remastered_project/itunesrpc-remastered
Published
Feb 01, 2022
Tracked Since
Feb 18, 2026