Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Minetest |
Minetest |
* |
5.4.0 (excluding) |
References