7 matches found
CVE-2020-9038
Joplin through 1.0.184 allows Arbitrary File Read via XSS...
demo-joplin (>=1.0.1 <=1.0.8) potentially affected by CVE-2020-9038 via joplin (=0.10.93)
joplin NPM version =0.10.93 is affected by a known vulnerability. The following packages have a transitive dependency on joplin and may be impacted: - demo-joplin =1.0.1, =1.0.8 Source cves: CVE-2020-9038 Source advisory: OSV:GHSA-6R7X-HC8M-985R...
Joplin Desktop 1.0.184 Cross Site Scripting
Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched Version: 1.0.185 Category: Remote Platform: Window...
Joplin Desktop 1.0.184 - Cross-Site Scripting Vulnerability
Exploit for multiple platform in category web applications Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched Version:...
Joplin Desktop 1.0.184 - Cross-Site Scripting
Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched...
Joplin Desktop 1.0.184 - Cross-Site Scripting
Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched Version: 1.0.185 Category: Remote Platform: Window...
CVE-2020-9038
CVE-2020-9038 affects Joplin Desktop up to version 1.0.184 (and earlier). The issue is a Cross-Site Scripting (XSS) vulnerability that enables an attacker to read arbitrary files via a malicious note, effectively an Arbitrary File Read. The root cause is an XSS condition in Joplin’s handling of n...