Vulnerabilities > Joplin Project > Joplin > 1.0.122

DATE CVE VULNERABILITY TITLE RISK
2021-08-03 CVE-2021-37916 Cross-site Scripting vulnerability in Joplin Project Joplin
Joplin before 2.0.9 allows XSS via button and form in the note body.
network
low complexity
joplin-project CWE-79
6.1
6.1
2020-02-17 CVE-2020-9038 Cross-site Scripting vulnerability in Joplin Project Joplin
Joplin through 1.0.184 allows Arbitrary File Read via XSS.
network
low complexity
joplin-project CWE-79
5.4
5.4