Описание
Cross-site Request Forgery (CSRF) in joplin
The package joplin before 2.3.2 are vulnerable to Cross-site Request Forgery (CSRF) due to missing CSRF checks in various forms.
Пакеты
Наименование
joplin
npm
Затронутые версииВерсия исправления
< 2.3.2
2.3.2
Связанные уязвимости
CVSS3: 5.4
nvd
больше 4 лет назад
The package joplin before 2.3.2 are vulnerable to Cross-site Request Forgery (CSRF) due to missing CSRF checks in various forms.