Description
Joplin is a free, open source note taking and to-do application. Joplin fails to take into account that "<" followed by a non-letter character will not be considered HTML. As such, it is possible to do an XSS by putting an "illegal" tag within a tag.
Vulnerable configurations
Configuration 1: versions before 3.0.15 (exclusive)
cpe:2.3:a:joplin_project:joplin:*:*:*:*:*:-:*:*
EPSS
Percentile: 68%
0.00556
Low
9.6 Critical
CVSS3
Weaknesses
CWE-79
Related vulnerabilities
CVSS3: 9.6
debian
more than 1 year ago
Joplin is a free, open source note taking and to-do application. Jopli ...