Joplin Security Vulnerabilities and Issues — Joplin CVE List

Lucene search

Joplin ProjectJoplin

3 matches found

CVE•added 2020/02/17 4:15 p.m.•83 views

CVE-2020-9038

Joplin through 1.0.184 allows Arbitrary File Read via XSS.

5.4CVSS5.5AI score0.01177EPSS

CVE•added 2022/06/16 9:15 p.m.•55 views

CVE-2021-33295

Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute aribrary code due to improper sanitizing of html.

5.4CVSS5.3AI score0.0025EPSS

CVE•added 2025/02/07 11:15 p.m.•37 views

CVE-2024-55630

Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Joplin's HTML sanitizer allows the name attribute to be specified. If name is set to the same value as an existing document property (e.g. querySelector), that propert...

5.5CVSS6.7AI score0.00075EPSS