EPSS
Percentile
41.1%
joplin is vulnerable to cross-site request forgery. Lack of CSRF checks in various forms allows an authenticated user to unknowingly perform unwanted action on malicious website.
github.com/laurent22/joplin/commit/19b45de2981c09f6f387498ef96d32b4811eba5e