Advisories for Pypi/Aqt package

2026

Anki's local HTTP server does not sufficiently validate requests

Anki launches a local HTTP server to serve media files and web pages for parts of its interface. The server fails to validate requests in two ways: it does not sufficiently validate the Origin header, and some endpoints are vulnerable to path traversal. Together these allow a malicious website to exfiltrate local files whose path is known.
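The two checks the advisory says were missing, written out as an added defender-side example (this is not Anki's code and makes no claim about how aqt's server is structured): an Origin allowlist so a cross-site page cannot read responses from the local server, and a containment check that percent-decodes and resolves the requested path before confirming it stays under the served directory. `MEDIA_ROOT`, the port in `ALLOWED_ORIGINS`, and the sample requests are all constructed for the example.

```python
import os
from urllib.parse import unquote, urlsplit

# Constructed settings for a hypothetical local media server; not Anki's configuration.
MEDIA_ROOT = os.path.join(os.getcwd(), "example_media")      # hypothetical served directory
ALLOWED_ORIGINS = {"http://127.0.0.1:8765"}                  # hypothetical own origin only


def origin_allowed(headers: dict) -> bool:
    """Allow a request only if its Origin header matches the server's own origin.

    A page on an attacker-controlled website that issues a fetch() to localhost
    carries that site's origin, so an allowlist of our own origin rejects it.
    A missing Origin is treated as not allowed here (a policy choice: browsers
    omit Origin on same-origin GET navigations, which this server does not need).
    """
    origin = headers.get("Origin")
    if not origin:
        return False
    parts = urlsplit(origin.strip())
    if not parts.scheme or not parts.netloc:
        return False
    return f"{parts.scheme}://{parts.netloc}".lower() in ALLOWED_ORIGINS


def resolve_media_path(url_path: str):
    """Map a request path to a file under MEDIA_ROOT, or return None if it escapes the root.

    Percent-decodes first (so "%2e%2e" is seen as ".."), then resolves symlinks and
    ".." segments with realpath and checks containment against the resolved root.
    """
    decoded = unquote(url_path)
    if "\x00" in decoded:
        return None
    root = os.path.realpath(MEDIA_ROOT)
    candidate = os.path.realpath(os.path.join(root, decoded.lstrip("/")))
    try:
        inside = os.path.commonpath([root, candidate]) == root
    except ValueError:          # e.g. different drives on Windows
        inside = False
    return candidate if inside else None


def handle_request(path: str, headers: dict):
    """Return (status, file_path) the way a request handler would, checking origin first."""
    if not origin_allowed(headers):
        return 403, None
    target = resolve_media_path(path)
    if target is None:
        return 400, None
    return 200, target


if __name__ == "__main__":
    # Constructed sample requests: a legitimate same-origin one and two hostile ones.
    own = {"Origin": "http://127.0.0.1:8765"}
    evil = {"Origin": "https://attacker.example"}
    print(handle_request("/img.png", own))                       # (200, '.../example_media/img.png')
    print(handle_request("/img.png", evil))                      # (403, None)
    print(handle_request("/%2e%2e/%2e%2e/etc/passwd", own))      # (400, None)
```

The order matters: the origin check runs before any path work, so a cross-site page gets a 403 regardless of what it asks for, and the path check compares resolved absolute paths rather than looking for a literal `..`, which is what defeats encoded or symlink-based variants.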

Anki: User scripts in iframes have access to the internal Anki API

Anki's webview-based pages communicate with the Rust backend using an internal localhost API. Anki implements measures to prevent user scripts run in the reviewer/editor from accessing this API (https://github.com/ankitects/anki/pull/3925), but these measures inadvertently allow access to scripts included via iframes in the editor. While overall only a limited set of API methods is exposed, some, such as getImageForOcclusion, can read arbitrary files.

CWE: CWE-22 (Path Traversal)

Reporter: Bankde (Eakasit)