Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:43 p.m.9 views

CVE-2020-9038

Joplin through 1.0.184 allows Arbitrary File Read via XSS...

5.4CVSS6.8AI score0.03566EPSS
Exploits5References1
vulnersOsv
vulnersOsv
added 2020/10/13 5:29 p.m.6 views

demo-joplin (>=1.0.1 <=1.0.8) potentially affected by CVE-2020-9038 via joplin (=0.10.93)

joplin NPM version =0.10.93 is affected by a known vulnerability. The following packages have a transitive dependency on joplin and may be impacted: - demo-joplin =1.0.1, =1.0.8 Source cves: CVE-2020-9038 Source advisory: OSV:GHSA-6R7X-HC8M-985R...

5.4CVSS6.1AI score0.03566EPSS
Exploits5
Packet Storm
Packet Storm
added 2020/03/02 12:0 a.m.135 views

Joplin Desktop 1.0.184 Cross Site Scripting

Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched Version: 1.0.185 Category: Remote Platform: Window...

4.3CVSS5.7AI score0.03566EPSS
Exploits5
0day.today
0day.today
added 2020/03/02 12:0 a.m.84 views

Joplin Desktop 1.0.184 - Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched Version:...

4.3CVSS5.7AI score0.03566EPSS
Exploits5
exploitpack
exploitpack
added 2020/03/02 12:0 a.m.89 views

Joplin Desktop 1.0.184 - Cross-Site Scripting

Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched...

4.3CVSS5.3AI score0.03566EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/03/02 12:0 a.m.237 views

Joplin Desktop 1.0.184 - Cross-Site Scripting

Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched Version: 1.0.185 Category: Remote Platform: Window...

5.4CVSS5.6AI score0.03566EPSS
Exploits5
CVE
CVE
added 2020/02/17 3:47 p.m.105 views

CVE-2020-9038

CVE-2020-9038 affects Joplin Desktop up to version 1.0.184 (and earlier). The issue is a Cross-Site Scripting (XSS) vulnerability that enables an attacker to read arbitrary files via a malicious note, effectively an Arbitrary File Read. The root cause is an XSS condition in Joplin’s handling of n...

5.4CVSS5.5AI score0.03566EPSS
Exploits5References3Affected Software1
Rows per page
Query Builder