Vulnerabilities > Joplin Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-09 | CVE-2024-40643 | Cross-site Scripting vulnerability in Joplin Project Joplin Joplin is a free, open source note taking and to-do application. | 9.6 |
| 2024-06-21 | CVE-2023-39517 | Cross-site Scripting vulnerability in Joplin Project Joplin Joplin is a free, open source note taking and to-do application. | 5.4 |
| 2023-06-30 | CVE-2023-37298 | Cross-site Scripting vulnerability in Joplin Project Joplin Joplin before 2.11.5 allows XSS via a USE element in an SVG document. | 6.1 |
| 2023-06-30 | CVE-2023-37299 | Cross-site Scripting vulnerability in Joplin Project Joplin Joplin before 2.11.5 allows XSS via an AREA element of an image map. | 6.1 |
| 2023-01-31 | CVE-2022-45598 | Cross-site Scripting vulnerability in Joplin Project Joplin Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows attacker to execute arbitrary code via improper santization. | 6.1 |
| 2022-06-16 | CVE-2021-33295 | Cross-site Scripting vulnerability in Joplin Project Joplin Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute aribrary code due to improper sanitizing of html. | 5.4 |
| 2022-02-08 | CVE-2022-23340 | Unspecified vulnerability in Joplin Project Joplin 2.6.10 Joplin 2.6.10 allows remote attackers to execute system commands through malicious code in user search results. | 9.8 |
| 2021-08-03 | CVE-2021-37916 | Cross-site Scripting vulnerability in Joplin Project Joplin Joplin before 2.0.9 allows XSS via button and form in the note body. | 6.1 |
| 2020-11-06 | CVE-2020-28249 | Cross-site Scripting vulnerability in Joplin Project Joplin 1.2.6 Joplin 1.2.6 for Desktop allows XSS via a LINK element in a note. | 6.1 |
| 2020-09-24 | CVE-2020-15930 | Cross-site Scripting vulnerability in Joplin Project Joplin An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary code execution via a malicious HTML embed tag. | 6.1 |