pkg:npm/joplin

All known vulnerabilities

• CRITICAL9.8CVE-2022-23340Joplin Vulnerable to Code Injection
  from 0, < 2.7.1
• CRITICAL9.0CVE-2022-35131Joplin is vulnerable to arbitrary code execution
  from 0, < 2.9.1
• HIGH7.8CVE-2022-40277Joplin Remote Code Execution
  from 0, <= 2.8.8
• HIGH7.7CVE-2024-49362Remote Code Execution on click of <a> Link in markdown preview
  >= 3.0.0, < 3.1.0
• MEDIUM6.1CVE-2023-37299Joplin Cross-site Scripting vulnerability
  from 0, < 2.11.5
• MEDIUM6.1CVE-2023-37298Joplin Cross-site Scripting vulnerability
  from 0, < 2.11.5
• MEDIUM6.1CVE-2022-45598Joplin Desktop App vulnerable to Cross-site Scripting
  from 0, < 2.9.17
• MEDIUM6.1CVE-2021-37916Joplin vulnerable to Cross-site Scripting in notes
  from 0, < 2.0.9
• MEDIUM6.1CVE-2018-1000534Joplin Vulnerable to Cross-site Scripting in Note Content
  from 0, < 1.0.90
• MEDIUM6.1CVE-2020-28249Cross-site scripting in Joplin
  from 0, < 1.3.11
• MEDIUM6.1CVE-2020-15930Cross-site Scripting in Joplin
  >= 1.0.190, < 1.1.7
• MEDIUM5.4CVE-2021-33295Joplin Cross Site Scripting Vulnerability via NOSCRIPT tags
  from 0, < 1.8.5
• MEDIUM5.4CVE-2021-23431Cross-site Request Forgery (CSRF) in joplin
  from 0, < 2.3.2
• MEDIUM5.4CVE-2020-9038Cross-site Scripting in Joplin
  from 0, < 1.2.1