20 matches found
EUVD-2020-18783
Malware in sbrugna...
EUVD-2017-1605
Malware in sbrugna...
EUVD-2020-18784
Malware in sbrugna...
CVE-2020-26157
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration...
CVE-2020-26158
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration...
CVE-2017-1000492
Leanote-desktop version v2.5 is vulnerable to a XSS which leads to code execution due to enabled node integration...
CVE-2020-26157
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration...
CVE-2020-26158
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration...
CVE-2020-26158
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration...
CVE-2020-26157
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration...
Design/Logic Flaw
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration...
CVE-2020-26157
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration...
CVE-2020-26157
CVE-2020-26157 affects Leanote Desktop up to version 2.6.2. The root cause is a mishandled note title during syncing that enables cross-site scripting (XSS). This vulnerability is described as leading to remote code execution due to Node integration. The available documents do not specify a concr...
CVE-2020-26158
Leanote Desktop (up to and including 2.6.2) exposes a vulnerability where triggering the batch feature mishandles a note title, enabling a cross-site scripting (XSS) vector that can lead to remote code execution via Node integration. Root cause: improper handling of the note title within the batc...
CVE-2020-26158
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration...
CVE-2017-1000492
Leanote-desktop version v2.5 is vulnerable to a XSS which leads to code execution due to enabled node integration...
CVE-2017-1000492
Leanote-desktop version v2.5 is vulnerable to a XSS which leads to code execution due to enabled node integration...
CVE-2017-1000492
CVE-2017-1000492 affects Leanote-desktop v2.5. The vulnerability is a cross-site scripting (XSS) flaw caused by enabled Node integration, which can lead to code execution. Multiple sources (NVD and Red Hat, OSV, CNVD, etc.) corroborate the issue. CVSS details: CVSS2 base 4.3 (I:P) and CVSS3 base ...
CVE-2017-1000492
Leanote-desktop version v2.5 is vulnerable to a XSS which leads to code execution due to enabled node integration...
Leanote-desktop Cross-Site Scripting Vulnerability
Leanote-desktop is an open source notepad application. A cross-site scripting vulnerability exists in Leanote-desktop v2.5. A remote attacker can exploit this vulnerability to execute code...