2 matches found
CVE-2024-0849
CVE-2024-0849 (Leanote 2.7.0) is a local-file-read vulnerability caused by a Local File Reading (LFR) weakness, allowing an attacker to obtain arbitrary local files. The vulnerability is explicitly described in multiple sources as affecting Leanote version 2.7.0, with the impact being exposure of...
CVE-2017-1000492
CVE-2017-1000492 affects Leanote-desktop v2.5. The vulnerability is a cross-site scripting (XSS) flaw caused by enabled Node integration, which can lead to code execution. Multiple sources (NVD and Red Hat, OSV, CNVD, etc.) corroborate the issue. CVSS details: CVSS2 base 4.3 (I:P) and CVSS3 base ...