Lucene search
K

74 matches found

CVE
CVE
added 2018/10/22 1:0 a.m.49 views

CVE-2018-18553

Leanote 2.6.1 is affected by a cross-site scripting (XSS) vulnerability in the Blog Basic Setting title field, exploitable via rendering of the  Likes page. The issue stems from mishandling the title field during page rendering, allowing injected scripts/HTML to execute in affected contexts. Pub...

6.1CVSS6AI score0.00865EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/10/22 1:0 a.m.14 views

CVE-2018-18553

Leanote 2.6.1 has XSS via the Blog Basic Setting title field, which is mishandled during rendering of the "likes" page...

6.1AI score0.00865EPSS
Exploits1References1
Prion
Prion
added 2018/01/03 1:29 a.m.12 views

Design/Logic Flaw

Leanote-desktop version v2.5 is vulnerable to a XSS which leads to code execution due to enabled node integration...

4.3CVSS6.3AI score0.01044EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/01/03 1:29 a.m.17 views

CVE-2017-1000492

Leanote-desktop version v2.5 is vulnerable to a XSS which leads to code execution due to enabled node integration...

6.1CVSS6.5AI score
Exploits0References2
NVD
NVD
added 2018/01/03 1:29 a.m.18 views

CVE-2017-1000492

Leanote-desktop version v2.5 is vulnerable to a XSS which leads to code execution due to enabled node integration...

6.1CVSS6.4AI score0.01044EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/01/03 1:0 a.m.25 views

CVE-2017-1000492

Leanote-desktop version v2.5 is vulnerable to a XSS which leads to code execution due to enabled node integration...

6.4AI score0.01044EPSS
Exploits0References2
CVE
CVE
added 2018/01/03 1:0 a.m.40 views

CVE-2017-1000492

CVE-2017-1000492 affects Leanote-desktop v2.5. The vulnerability is a cross-site scripting (XSS) flaw caused by enabled Node integration, which can lead to code execution. Multiple sources (NVD and Red Hat, OSV, CNVD, etc.) corroborate the issue. CVSS details: CVSS2 base 4.3 (I:P) and CVSS3 base ...

6.1CVSS6.3AI score0.01044EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/01/03 12:29 a.m.14 views

CVE-2017-1000459

Leanote version = 2.5 is vulnerable to XSS due to not sanitized input in markdown notes...

6.1CVSS6AI score0.00836EPSS
Exploits1References1
Prion
Prion
added 2018/01/03 12:29 a.m.17 views

Design/Logic Flaw

Leanote version = 2.5 is vulnerable to XSS due to not sanitized input in markdown notes...

4.3CVSS5.9AI score0.00836EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/01/03 12:29 a.m.12 views

CVE-2017-1000459

Leanote version = 2.5 is vulnerable to XSS due to not sanitized input in markdown notes...

6.1CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added 2018/01/03 12:0 a.m.15 views

CVE-2017-1000459

Leanote version = 2.5 is vulnerable to XSS due to not sanitized input in markdown notes...

6AI score0.00836EPSS
Exploits1References1
CVE
CVE
added 2018/01/03 12:0 a.m.50 views

CVE-2017-1000459

Leanote

6.1CVSS5.9AI score0.00836EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/01/03 12:0 a.m.3 views

Leanote Cross-Site Scripting Vulnerability

Leanote is an open source notepad application. A cross-site scripting vulnerability exists in Leanote 2.5 and earlier versions, which stems from the program failing to filter input in markdown comments. A remote attacker can use this vulnerability to inject arbitrary web script or HTML...

6.1CVSS6.2AI score0.00836EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/03 12:0 a.m.4 views

Leanote-desktop Cross-Site Scripting Vulnerability

Leanote-desktop is an open source notepad application. A cross-site scripting vulnerability exists in Leanote-desktop v2.5. A remote attacker can exploit this vulnerability to execute code...

6.1CVSS6.5AI score0.01044EPSS
Exploits0References1
Rows per page
Query Builder