Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joplin project joplin vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2021-33295
Cross Site Scripting (XSS) vulnerability in Joplin Desktop App prior to 1.8.5 allows malicious users to execute aribrary code due to improper sanitizing of html.
Joplin Project Joplin
NA
CVE-2022-45598
Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows malicious user to execute arbitrary code via improper santization.
Joplin Project Joplin
NA
CVE-2023-37298
Joplin prior to 2.11.5 allows XSS via a USE element in an SVG document.
Joplin Project Joplin
NA
CVE-2023-37299
Joplin prior to 2.11.5 allows XSS via an AREA element of an image map.
Joplin Project Joplin
383
VMScore
CVE-2020-15930
An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary code execution via a malicious HTML embed tag.
Joplin Project Joplin
355
VMScore
CVE-2020-9038
Joplin up to and including 1.0.184 allows Arbitrary File Read via XSS.
Joplin Project Joplin
1 EDB exploit
1 Github repository
383
VMScore
CVE-2018-1000534
Joplin version before 1.0.90 contains a XSS evolving into code execution due to enabled nodeIntegration for that particular BrowserWindow instance where XSS was identified from vulnerability in Note content field - information on the fix can be found here https://github.com/laure...
Joplin Project Joplin
383
VMScore
CVE-2021-37916
Joplin prior to 2.0.9 allows XSS via button and form in the note body.
Joplin Project Joplin
668
VMScore
CVE-2022-23340
Joplin 2.6.10 allows remote malicious users to execute system commands through malicious code in user search results.
Joplin Project Joplin 2.6.10
383
VMScore
CVE-2020-28249
Joplin 1.2.6 for Desktop allows XSS via a LINK element in a note.
Joplin Project Joplin 1.2.6
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started