npm/joplin — 14 CVEs

CRITICAL9.8CVE-2022-23340Joplin Vulnerable to Code Injection

from 0, < 2.7.1

CRITICAL9.0CVE-2022-35131Joplin is vulnerable to arbitrary code execution

from 0, < 2.9.1

HIGH7.8CVE-2022-40277Joplin Remote Code Execution

from 0, <= 2.8.8

HIGH7.7Remote Code Execution on click of <a> Link in markdown preview

>= 3.0.0, < 3.1.0

MEDIUM6.1Joplin Cross-site Scripting vulnerability

from 0, < 2.11.5

MEDIUM6.1Joplin Cross-site Scripting vulnerability

from 0, < 2.11.5

MEDIUM6.1Joplin Desktop App vulnerable to Cross-site Scripting

from 0, < 2.9.17

MEDIUM6.1Joplin vulnerable to Cross-site Scripting in notes

from 0, < 2.0.9

MEDIUM6.1Joplin Vulnerable to Cross-site Scripting in Note Content

from 0, < 1.0.90

MEDIUM6.1Cross-site scripting in Joplin

from 0, < 1.3.11

MEDIUM6.1Cross-site Scripting in Joplin

>= 1.0.190, < 1.1.7

MEDIUM5.4Joplin Cross Site Scripting Vulnerability via NOSCRIPT tags

from 0, < 1.8.5

MEDIUM5.4Cross-site Request Forgery (CSRF) in joplin

from 0, < 2.3.2

MEDIUM5.4Cross-site Scripting in Joplin

from 0, < 1.2.1

pkg:npm/joplin