Outline Security Vulnerabilities

CVE-2022-2342

Cross-site Scripting (XSS) - Stored in GitHub repository outline/outline prior to v0.64.4.

CVE-2023-3532

Cross-site Scripting (XSS) - Stored in GitHub repository outline/outline prior to 0.70.1.

CVE-2024-37830

An issue in Outline <= v0.76.1 allows attackers to redirect a victim user to a malicious site via intercepting and changing the state cookie.

CVE-2024-40626

Outline is an open source, collaborative document editor. A type confusion issue was found in ProseMirror’s rendering process that leads to a Stored Cross-Site Scripting (XSS) vulnerability in Outline. An authenticated user can create a document containing a malicious JavaScript payload. When other...