Vulnerabilities > Joplin Project > Joplin > 1.0.148

DATE CVE VULNERABILITY TITLE RISK
2023-06-30 CVE-2023-37298 Cross-site Scripting vulnerability in Joplin Project Joplin
Joplin before 2.11.5 allows XSS via a USE element in an SVG document.
network
low complexity
joplin-project CWE-79
6.1
6.1
2023-06-30 CVE-2023-37299 Cross-site Scripting vulnerability in Joplin Project Joplin
Joplin before 2.11.5 allows XSS via an AREA element of an image map.
network
low complexity
joplin-project CWE-79
6.1
6.1
2023-01-31 CVE-2022-45598 Cross-site Scripting vulnerability in Joplin Project Joplin
Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows attacker to execute arbitrary code via improper santization.
network
low complexity
joplin-project CWE-79
6.1
6.1
2022-06-16 CVE-2021-33295 Cross-site Scripting vulnerability in Joplin Project Joplin
Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute aribrary code due to improper sanitizing of html. 		3.5
3.5
2021-08-03 CVE-2021-37916 Cross-site Scripting vulnerability in Joplin Project Joplin
Joplin before 2.0.9 allows XSS via button and form in the note body. 		4.3
4.3
2020-02-17 CVE-2020-9038 Cross-site Scripting vulnerability in Joplin Project Joplin
Joplin through 1.0.184 allows Arbitrary File Read via XSS. 		3.5
3.5