CVE-2023-25305

PolyMC Launcher <= 1.4.3 is vulnerable to Directory Traversal. A mrpack file can be maliciously crafted to create arbitrary files outside of the installation directory. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt