Vulnerabilities > Joplin Project > Joplin > 1.0.244
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-03 | CVE-2021-37916 | Cross-site Scripting vulnerability in Joplin Project Joplin Joplin before 2.0.9 allows XSS via button and form in the note body. | 6.1 |
| 2020-09-24 | CVE-2020-15930 | Cross-site Scripting vulnerability in Joplin Project Joplin An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary code execution via a malicious HTML embed tag. | 6.1 |