Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.4
CVSSv3

CVE-2020-9038

Published: 17/02/2020 Updated: 30/12/2021
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 355
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Joplin Project

Vulnerability Summary

Joplin up to and including 1.0.184 allows Arbitrary File Read via XSS.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

joplin project joplin

Exploits

Exploit DB: Joplin Desktop 1.0.184 - Cross-Site Scripting
# Exploit Title: Joplin Desktop 10184 - Cross-Site Scripting # Exploit Author: Javier Olmedo # Date: 2020-02-27 # Vendor: Laurent Cozic # Software Link: githubcom/laurent22/joplin/archive/v10184zip # Affected Version: 10184 and before # Patched Version: 10185 # Category: Remote # Platform: Windows # Tested on: Windows 10 Pro # CWE ...
Exploit DB: Joplin Desktop 1.0.184 Cross Site Scripting
Joplin Desktop version 10184 suffers from a cross site scripting vulnerability ...

Github Repositories

https://github.com/JavierOlmedo/CVE-2020-9038

Disclosure report of CVE-2020-9038

CVE-2020-9038 Disclosure report of CVE-2020-9038 More info: githubcom/laurent22/joplin/commit/3db47b575b9cb0a765da3d283ba nvdnistgov/vuln/detail/CVE-2020-9038 cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2020-9038

References

CWE-79https://github.com/laurent22/joplin/commit/3db47b575b9cb0a765da3d283baa2c065df0d0bchttps://github.com/laurent22/joplin/compare/clipper-1.0.19...clipper-1.0.20http://packetstormsecurity.com/files/156582/Joplin-Desktop-1.0.184-Cross-Site-Scripting.htmlhttps://nvd.nist.govhttps://github.com/JavierOlmedo/CVE-2020-9038https://www.exploit-db.com/exploits/48147
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code executionCVE-2024-34909CVE-2024-3317SSTICVE-2024-3400CVE-2024-30051wirelessCVE-2024-4622CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook