Lucene search

CVE-2023-38506

🗓️ 21 Jun 2024 20:12:15Reported by GitHub_MType

Joplin note taking app allows arbitrary code execution due to XSS vulnerabilit

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 3
Cvelist	CVE-2023-38506 Cross-site Scripting (XSS) when pasting HTML into the rich text editor in Joplin	21 Jun 202419:43	–	cvelist
NVD	CVE-2023-38506	21 Jun 202420:15	–	nvd
Vulnrichment	CVE-2023-38506 Cross-site Scripting (XSS) when pasting HTML into the rich text editor in Joplin	21 Jun 202419:43	–	vulnrichment

Nvd

Vulners

Vulnrichment

Node

joplin_project joplinRange<2.12.10-

[
  {
    "vendor": "laurent22",
    "product": "joplin",
    "versions": [
      {
        "version": "< 2.12.10",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/laurent22/joplin/security/advisories/GHSA-m59c-9rrj-c399

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Jun 2024 20:15Current

7.7High risk

Vulners AI Score7.7

CVSS35.4 - 8.2

EPSS0.00432

SSVC

CWE-79