30 matches found
CVE-2021-33295
Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute arbitrary code due to improper sanitizing of html...
EUVD-2021-1156
Malware in sbrugna...
EUVD-2021-1044
Malware in sbrugna...
EUVD-2022-6113
Malicious code in bioql PyPI...
EUVD-2023-0480
Malicious code in bioql PyPI...
CVE-2022-45598
Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows attacker to execute arbitrary code via improper sanitization...
CVE-2024-49362
Joplin is a free, open source note taking and to-do application. Joplin-desktop has a vulnerability that leads to remote code execution (RCE) when a user clicks on an <a> link within untrusted notes. The issue arises due to insufficient sanitization of tag attributes introduced by the Mermaid. This...
Remote Code Execution on click of <a> Link in markdown preview
Summary: There is a vulnerability in Joplin-desktop that leads to remote code execution (RCE) when a user clicks on an <a> link within untrusted notes. The issue arises due to insufficient sanitization of tag attributes introduced by the Mermaid. This vulnerability allows the execution of untrusted HTML...
GHSA-HFF8-HJWV-J9Q7 Remote Code Execution on click of <a> Link in markdown preview
Summary: There is a vulnerability in Joplin-desktop that leads to remote code execution (RCE) when a user clicks on an <a> link within untrusted notes. The issue arises due to insufficient sanitization of tag attributes introduced by the Mermaid. This vulnerability allows the execution of untrusted HTML...
CVE-2022-45598
Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows attacker to execute arbitrary code via improper sanitization...
CVE-2022-45598
Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows attacker to execute arbitrary code via improper sanitization...
Cross site scripting
Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows attacker to execute arbitrary code via improper sanitization...
CVE-2022-45598
Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows attacker to execute arbitrary code via improper sanitization...
CVE-2022-45598
CVE-2022-45598 is a Cross Site Scripting vulnerability in the Joplin Desktop App prior to version 2.9.17, caused by improper sanitization of input. The weakness can allow an attacker to run arbitrary code within the context of the affected application. Affected software is the Joplin Desktop App ...
CVE-2022-45598
Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows attacker to execute arbitrary code via improper sanitization...
GHSA-PHJ8-2P6X-HQ5R Joplin Cross Site Scripting Vulnerability via NOSCRIPT tags
Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute arbitrary code due to improper sanitizing of html...
CVE-2021-33295
Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute arbitrary code due to improper sanitizing of html...
CVE-2021-33295
Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute arbitrary code due to improper sanitizing of html...
Cross site scripting
Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute arbitrary code due to improper sanitizing of html...
CVE-2021-33295
CVE-2021-33295: Joplin Desktop App contains a Cross Site Scripting (XSS) vulnerability in versions before 1.8.5 due to improper sanitization of HTML. This allows an attacker to execute arbitrary code via crafted HTML content in the application UI. The root cause is insufficient cleanup/validatio...