Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Joplin ProjectJoplin

7 matches found

CVE
CVEā€¢added 2023/06/30 3:15 p.m.ā€¢132 views

CVE-2023-37299

Joplin before 2.11.5 allows XSS via an AREA element of an image map.

6.1CVSS5.9AI score0.00272EPSS
CVE
CVEā€¢added 2023/06/30 3:15 p.m.ā€¢123 views

CVE-2023-37298

Joplin before 2.11.5 allows XSS via a USE element in an SVG document.

6.1CVSS5.8AI score0.00272EPSS
CVE
CVEā€¢added 2020/11/06 7:15 a.m.ā€¢74 views

CVE-2020-28249

Joplin 1.2.6 for Desktop allows XSS via a LINK element in a note.

6.1CVSS5.8AI score0.0033EPSS
CVE
CVEā€¢added 2020/09/24 7:15 p.m.ā€¢69 views

CVE-2020-15930

An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary code execution via a malicious HTML embed tag.

6.1CVSS6.2AI score0.02573EPSS
CVE
CVEā€¢added 2018/06/26 4:29 p.m.ā€¢46 views

CVE-2018-1000534

Joplin version prior to 1.0.90 contains a XSS evolving into code execution due to enabled nodeIntegration for that particular BrowserWindow instance where XSS was identified from vulnerability in Note content field - information on the fix can be found here https://github.com/laurent22/joplin/commi...

6.1CVSS6.3AI score0.00462EPSS
CVE
CVEā€¢added 2021/08/03 12:15 a.m.ā€¢41 views

CVE-2021-37916

Joplin before 2.0.9 allows XSS via button and form in the note body.

6.1CVSS5.9AI score0.00262EPSS
CVE
CVEā€¢added 2023/01/31 4:15 p.m.ā€¢35 views

CVE-2022-45598

Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows attacker to execute arbitrary code via improper santization.

6.1CVSS6.4AI score0.00254EPSS