Vulnerabilities > Joplinapp > Joplin > 2.8.8

DATE CVE VULNERABILITY TITLE RISK
2022-09-30 CVE-2022-40277 Improper Input Validation vulnerability in Joplinapp Joplin 2.8.8
Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin.
local
low complexity
joplinapp CWE-20
7.8
7.8
2022-07-25 CVE-2022-35131 Cross-site Scripting vulnerability in Joplinapp Joplin 2.8.8
Joplin v2.8.8 allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles.
network
low complexity
joplinapp CWE-79
critical
 9.0
9.0