Описание
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration.
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration.
EPSS
Процентиль: 79%
0.01275
Низкий
CVE ID
Связанные уязвимости
CVSS3: 9.6
nvd
больше 5 лет назад
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration.
EPSS
Процентиль: 79%
0.01275
Низкий