Vulnerabilities > Joplinapp

DATE CVE VULNERABILITY TITLE RISK
2022-09-30  CVE-2022-40277  Improper Input Validation vulnerability in Joplinapp Joplin 2.8.8  7.8
    Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin.
    local | low complexity | joplinapp | CWE-20
2022-07-25  CVE-2022-35131  Cross-site Scripting vulnerability in Joplinapp Joplin 2.8.8  critical 9.0
    Joplin v2.8.8 allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles.
    network | low complexity | joplinapp | CWE-79
2021-08-24  CVE-2021-23431  Cross-Site Request Forgery (CSRF) vulnerability in Joplinapp Joplin  8.8
    The package joplin before 2.3.2 is vulnerable to Cross-site Request Forgery (CSRF) due to missing CSRF checks in various forms.
    network | low complexity | joplinapp | CWE-352