Vulnerabilities > Joplin Project > Joplin > 2.4.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-30 | CVE-2023-37298 | Cross-site Scripting vulnerability in Joplin Project Joplin Joplin before 2.11.5 allows XSS via a USE element in an SVG document. | 6.1 |
| 2023-06-30 | CVE-2023-37299 | Cross-site Scripting vulnerability in Joplin Project Joplin Joplin before 2.11.5 allows XSS via an AREA element of an image map. | 6.1 |
| 2023-01-31 | CVE-2022-45598 | Cross-site Scripting vulnerability in Joplin Project Joplin Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows attacker to execute arbitrary code via improper santization. | 6.1 |