Vulnerabilities > Joplinapp > Joplin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-30 | CVE-2022-40277 | Improper Input Validation vulnerability in Joplinapp Joplin 2.8.8 Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin. | 7.8 |
| 2021-08-24 | CVE-2021-23431 | Cross-Site Request Forgery (CSRF) vulnerability in Joplinapp Joplin The package joplin before 2.3.2 are vulnerable to Cross-site Request Forgery (CSRF) due to missing CSRF checks in various forms. | 6.8 |