Path Traversal in Spotipy-dev Spotipy
CVE-2023-23608
Spotipy is a lightweight Python library for the Spotify Web API. In versions prior to 2.22.1, if a malicious URI is passed to the library, the library can be tricked into performing an operation on a different API endpoint than intended…
Vulnerability class: Path Traversal (Directory Traversal)
EPSS: 0.002 (41.4th percentile)
Affected products
- Spotipy-dev Spotipy — versions < 2.22.1
Weakness classification (CWE)
References
- https://github.com/spotipy-dev/spotipy/security/advisories/GHSA-q764-g6fm-555v (x_refsource_CONFIRM)
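
The weakness class described above, shown as an added example (this is not Spotipy's code or its actual fix): an identifier taken from a URI and placed into a request path unvalidated, next to a version that checks it first. The base URL, the function names, the assumed `spotify:<type>:<id>` URI shape and the sample values are all constructed for illustration.

```python
import re
from urllib.parse import urljoin

# Hypothetical base URL; stands in for the real API host.
API_BASE = "https://api.example.invalid/v1/"

# Assumption: IDs are alphanumeric and URIs look like spotify:<type>:<id>.
_ID_RE = re.compile(r"[0-9A-Za-z]+")
_URI_RE = re.compile(r"spotify:(?P<type>[a-z]+):(?P<id>[0-9A-Za-z]+)")


def naive_endpoint(expected_type, value):
    """Unvalidated pattern: whatever follows the last ':' is used as the ID."""
    item_id = value.split(":")[-1]
    # urljoin removes dot segments (RFC 3986), as many HTTP stacks do,
    # so '..' in the ID changes which endpoint the request reaches.
    return urljoin(API_BASE, f"{expected_type}s/{item_id}")


def checked_endpoint(expected_type, value):
    """Accept only a bare ID or a URI of the expected type, then build the URL."""
    match = _URI_RE.fullmatch(value)
    if match:
        if match.group("type") != expected_type:
            raise ValueError(f"expected a {expected_type} URI")
        item_id = match.group("id")
    elif _ID_RE.fullmatch(value):
        item_id = value
    else:
        raise ValueError("value is not a well-formed ID or URI")
    return urljoin(API_BASE, f"{expected_type}s/{item_id}")


if __name__ == "__main__":
    crafted = "spotify:track:../playlists/ConstructedId01"  # constructed input
    print("naive  :", naive_endpoint("track", crafted))
    try:
        checked_endpoint("track", crafted)
    except ValueError as exc:
        print("checked: rejected,", exc)
    print("checked:", checked_endpoint("track", "spotify:track:ConstructedId01"))
```

Applications that cannot upgrade immediately can apply the same kind of check to any URI or ID that originates from user input before handing it to the library.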