Joplin is vulnerable to cross-site scripting (XSS). The vulnerability exists because the surroundKeywords function in string-utils.js does not properly HTML-escape the contents of the valueRegex and value parameters, allowing an attacker to inject and execute malicious JavaScript.
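As an added illustration (not Joplin's string-utils.js; the function shape, the argument list and the wrapping markup are assumed from the description above), a keyword highlighter that concatenates its inputs into HTML unescaped, beside a version that escapes every segment before adding the markup:

```javascript
// Illustrative example, not Joplin's code: a minimal keyword highlighter with
// the same shape as the surroundKeywords described above. Assumed parameters:
// `keywords` is an array of plain strings (value) or {valueRegex} objects,
// `text` is the string being searched, `prefix`/`suffix` wrap each match.

// Escape the five characters that matter when text is inserted into HTML.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  })[c]);
}

// Make a plain keyword match itself literally inside a RegExp.
function escapeRegExp(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

function keywordToRegex(kw) {
  if (typeof kw === 'string') return new RegExp(escapeRegExp(kw), 'gi');
  return new RegExp(kw.valueRegex, 'gi');
}

// Vulnerable form: the surrounding text and each match are pasted into the
// HTML output as-is, so markup in `text` or in a keyword survives untouched.
function surroundKeywordsUnsafe(keywords, text, prefix, suffix) {
  let out = text;
  for (const kw of keywords) {
    out = out.replace(keywordToRegex(kw), (m) => prefix + m + suffix);
  }
  return out;
}

// Hardened form: match all keywords in one pass, escape every segment
// (matched or not) and only then add the markup, so no input is ever
// interpreted as HTML and nothing is escaped twice.
function surroundKeywordsSafe(keywords, text, prefix, suffix) {
  if (!keywords.length) return escapeHtml(text);
  const combined = new RegExp(
    keywords.map((kw) => `(?:${keywordToRegex(kw).source})`).join('|'), 'gi');
  let out = '';
  let last = 0;
  for (const m of text.matchAll(combined)) {
    if (m[0] === '') continue; // skip zero-length matches
    out += escapeHtml(text.slice(last, m.index)) + prefix + escapeHtml(m[0]) + suffix;
    last = m.index + m[0].length;
  }
  return out + escapeHtml(text.slice(last));
}
```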